diff --git a/plugins/inputs/win_eventlog/README.md b/plugins/inputs/win_eventlog/README.md index f9e05b271..e5aff002b 100644 --- a/plugins/inputs/win_eventlog/README.md +++ b/plugins/inputs/win_eventlog/README.md @@ -69,6 +69,9 @@ See the [CONFIGURATION.md][CONFIGURATION.md] for more details. ## events will be logged. # from_beginning = false + ## Number of events to fetch in one batch + # event_batch_size = 5 + # Process UserData XML to fields, if this node exists in Event XML # process_userdata = true @@ -148,6 +151,15 @@ XML Query documentation: +## Troubleshooting + +In case you see a `Collection took longer than expected` warning, there might +be a burst of events logged and the API is not able to deliver them fast enough +to complete processing within the specified interval. Tweaking the +`event_batch_size` setting might help to mitigate the issue. +The said warning does not indicate data-loss, but you should investige the +amount of events you log. + ## Metrics You can send any field, *System*, *Computed* or *XML* as tag field. List of diff --git a/plugins/inputs/win_eventlog/sample.conf b/plugins/inputs/win_eventlog/sample.conf index dbc7cc632..c108e42cf 100644 --- a/plugins/inputs/win_eventlog/sample.conf +++ b/plugins/inputs/win_eventlog/sample.conf @@ -44,6 +44,9 @@ ## events will be logged. # from_beginning = false + ## Number of events to fetch in one batch + # event_batch_size = 5 + # Process UserData XML to fields, if this node exists in Event XML # process_userdata = true diff --git a/plugins/inputs/win_eventlog/win_eventlog.go b/plugins/inputs/win_eventlog/win_eventlog.go index fe2d8b473..f57b3b867 100644 --- a/plugins/inputs/win_eventlog/win_eventlog.go +++ b/plugins/inputs/win_eventlog/win_eventlog.go 
@@ -34,6 +34,7 @@ type WinEventLog struct {
 EventlogName string `toml:"eventlog_name"`
 Query string `toml:"xpath_query"`
 FromBeginning bool `toml:"from_beginning"`
+ BatchSize uint32 `toml:"event_batch_size"`
 ProcessUserData bool `toml:"process_userdata"`
 ProcessEventData bool `toml:"process_eventdata"`
 Separator string `toml:"separator"`
@@ -57,6 +58,11 @@ func (*WinEventLog) SampleConfig() string {
 }
 
 func (w *WinEventLog) Init() error {
+ // Set default for batch-size
+ if w.BatchSize < 1 {
+ w.BatchSize = 5
+ }
+
 w.subscriptionFlag = EvtSubscribeToFutureEvents
 if w.FromBeginning {
 w.subscriptionFlag = EvtSubscribeStartAtOldestRecord
@@ -330,15 +336,10 @@ func (w *WinEventLog) evtSubscribe() (EvtHandle, error) {
 }
 
 func (w *WinEventLog) fetchEventHandles(subsHandle EvtHandle) ([]EvtHandle, error) {
- var eventsNumber uint32
 var evtReturned uint32
 
- eventsNumber = 5
-
- eventHandles := make([]EvtHandle, eventsNumber)
-
- err := _EvtNext(subsHandle, eventsNumber, &eventHandles[0], 0, 0, &evtReturned)
- if err != nil {
+ eventHandles := make([]EvtHandle, w.BatchSize)
+ if err := _EvtNext(subsHandle, w.BatchSize, &eventHandles[0], 0, 0, &evtReturned); err != nil {
 if errors.Is(err, ERROR_INVALID_OPERATION) && evtReturned == 0 {
 return nil, ERROR_NO_MORE_ITEMS
 }
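Review bot: Init clamps `BatchSize` only from below, so a configured `event_batch_size` anywhere up to the uint32 maximum is accepted, and fetchEventHandles (the hunk at -330) then allocates a `[]EvtHandle` of that length on each call; an upper bound belongs next to the default, e.g. `if w.BatchSize > maxBatchSize { return errors.New("event_batch_size exceeds the supported maximum") }` with `maxBatchSize` a package constant of your choosing (`errors` is already imported, as the -330 hunk shows). The literal `5` also appears in README.md and sample.conf; naming it (`const defaultBatchSize = 5`) keeps the three in step. Init continues past the end of the hunk.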
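Review bot: The `&eventHandles[0]` in the new `_EvtNext` call is only panic-free because Init raises a zero `BatchSize` to 5; nothing in fetchEventHandles itself rules out a zero-length slice if the method is reached on a value whose Init did not run (a directly constructed struct in a test, for instance). Either record the invariant as a comment, `// BatchSize >= 1 is guaranteed by Init, so indexing [0] is safe`, or guard locally with `if w.BatchSize == 0 { return nil, errors.New("event_batch_size must be at least 1") }`. fetchEventHandles continues past the end of the hunk, so whether the returned slice is trimmed to evtReturned is not visible here.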