AES Encryption at rest for winlogbeat.yml

Hi All,

Is there a way to encrypt the winlogbeat.yml file for winlogbeat so that if an attacker lands on a windows box they cant just read the logging configuration?

The idea would be to have it encrypted at rest and decrypted when the winlogbeat service starts or restarts.




its not currently possible for Winlogbeat to encrypt his configuration files, we have a keystore, but's its more like an obfuscation strategy.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.