Beat - logstash - logserver

slawek · July 2, 2020, 6:03pm

Hello,
Can I configure logstash as a receiver from winlogbeat and send these logs in CEF format to another log server? If yes. How should I do that?
Regards

Badger · July 2, 2020, 6:30pm

You can use a cef codec on whatever output you are using to send data to the other server.

slawek · July 2, 2020, 6:50pm

Can you show me an example configuration file using the cef codec for windows events.

Badger · July 2, 2020, 6:51pm

I do not have an example.

slawek · July 2, 2020, 7:26pm

Can anyone show me an example of sending Windows events in CEF format using logstash?

system · July 30, 2020, 7:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.