Category: Windows

Sending Windows Logs using WinLogbeat

Download Winlogbeat – Download here (64-bit)

Step 1: Download and extract winlogbeat.zip to c:\program files\ (Should look like the image below)

Step 2: Open the winlogbeat.yml and edit with notepad: We will add the following under winlogbeat.event_logs:

winlogbeat.event_logs:
  - name: Security
    event_id: 1102,4608,4609,4624-4648, 4700-4800,4950
    ignore_older: 72h
  - name: Application
    event_id: 1000,1002,1001
    ignore_older: 72h
  - […]
