Elastic Endpoint Windows Event Log - Security Channel

mikemitchell · August 19, 2021, 4:06pm

Does the Elastic Security Windows Integration or the Endpoint Integration not have the ability to pull from the Security channel of Windows Event Logs?

I had to create a new Custom channel to pull in security events from my windows machines. This would be a nice option in the default Windows Integration to pull Security channel.

PublicName · August 19, 2021, 5:02pm

Add System integration it's oddly not Windows integration.

Topic		Replies	Views
Monitoring Multiple Windows Event Channels with Custom Event Logs in ELK Stack Elastic Agent	1	150	March 2, 2025
Help with collecting Custom Windows Event Logs with Elastic Agent Logs	1	1795	February 18, 2022
Elastic Agent Custom Windows Event Logs Beats winlogbeat	5	4671	June 15, 2022
Windows Elastic Agent System Integration not pulling Security or Application events Elastic Security elastic-stack-security , fleet , integrations	4	1360	March 23, 2022
Integration Differences - Fleet Policies Endpoint Security integrations	3	750	February 17, 2022

Elastic Endpoint Windows Event Log - Security Channel

Related topics