ELMAH, xml and winlogbeat

We are using ELMAH for logging and it writes an xml file for every error. Is there a way to use Winlogbeat to get these files into kibana?


Hey @kawalec,

Have you tried to collect these log files with Filebeat?

No I did not. We are just starting our ELK journey. I wrongly assumed that you only used winlogbeat on windows and filebeat for linux.

So Filebeat will be able to parse xml files fight into kibana?

Welcome to this journey then :slight_smile:

Winlogbeat is specialized on collecting logs from the Windows Event Log, but it cannot collect logs from files.
Filebeat can collect logs from files on any operating system, but it also has many other inputs.

Both Filebeat and Winlogbeat can do some parsing locally using processors. Also, you can use ingest pipelines in Elasticsearch to do the processing there just before ingesting.
Filebeat also includes a set of modules, that include predefined configurations for many services.

Once the logs are collected and parsed, they can be visualized in Kibana.

For XML there is no parser in Beats or in Elasticsearch, but you could use Logstash for that, it has an XML plugin. You could use Beats for collection and Logstash for parsing.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.