My organization is looking to use the Elastic Agent as a replacement for running dedicated winlogbeat.exe agents on hosts. However, through winlogbeat we were able to collect logs from Cisco AnyConnect Security Mobility Client. There does not appear to be an existing integration that collect these logs.
Am I missing something? Is this in the works?
So these logs were coming from the Windows Event Viewer log?
What sort of data were you collecting?
Just wondering at this point
For your use of Winlogbeat today, are you collecting the AnyConnect logs through a Windows event log channel? Or some other means?
With Elastic Agent, you should still be able to collect from any custom Windows event log channels using the Custom Windows Event Logs integration.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.