Hi ! I have set up a CentOS virtual machine running ELK server. Also in vmware I installed Windows virtual machine with Winlogbeat, and a pfSense virtual machine. I want to configure Winlogbeat to send Windows logs to Logstash on the Windows machine. From there, I want Logstash to forward the logs to pfSense using TCP syslog. Finally, pfSense should send the logs to the ELK server for centralized log analysis. I need assistance with the detailed steps to configure Winlogbeat, Logstash, pfSense, and ELK to achieve this log forwarding and analysis setup.
Welcome to our community! 
Why are you sending these to pfsense as well?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.