Beat - logstash - logserver

slawek · July 2, 2020, 6:03pm

Hello,
Can I configure logstash as a receiver from winlogbeat and send these logs in CEF format to another log server? If yes. How should I do that?
Regards

Badger · July 2, 2020, 6:30pm

You can use a cef codec on whatever output you are using to send data to the other server.

slawek · July 2, 2020, 6:50pm

Can you show me an example configuration file using the cef codec for windows events.

Badger · July 2, 2020, 6:51pm

I do not have an example.

slawek · July 2, 2020, 7:26pm

Can anyone show me an example of sending Windows events in CEF format using logstash?

Topic		Replies	Views
Accepting messages in CEF format Logstash	2	433	April 8, 2018
Parsing logs from winlogbeats to Arcsight CEF Logstash	1	851	March 26, 2018
Logstash output as CEF data to other server Logstash	4	1995	April 26, 2019
Winlogbeat and Logstash Input Codec Beats winlogbeat	5	6875	April 12, 2016
How can I export data in CEF format using logstash Logstash	1	394	October 1, 2018

Beat - logstash - logserver

Related topics