Hi All,
Is there a way to encrypt the winlogbeat.yml file for winlogbeat so that if an attacker lands on a windows box they cant just read the logging configuration?
The idea would be to have it encrypted at rest and decrypted when the winlogbeat service starts or restarts.
Cheers
Magneton
Hello,
its not currently possible for Winlogbeat to encrypt his configuration files, we have a keystore, but's its more like an obfuscation strategy.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.