Hi Team,
I facing certain problem with logstash 5.3.
I am trying to use eventlog as input to read eventlog and put that in elastic search but it is not able to find eventlog plug in. Plus when I tried to list down all the available plug in it does not show eventlog as options. Can anyone help me in enabling that ? I am pretty new in this practice, please help urgently.
Thanks
Debashree
what is the "eventlog" are you talking windows? There is "WinBeat" to grab that ,
Yes right windows.
Okay I can try out winbeat. But in case say I have to add new plugin what is the process, say if I have to use logstash only in this case. Please help!!
Another point I forgot to mention is my system OS is Windows 10
this is the only one I can think of as an alternate
https://www.elastic.co/guide/en/logstash/current/plugins-inputs-wmi.html
This is a community-maintained plugin! It does not ship with Logstash by default,
but it is easy to install by running bin/logstash-plugin install logstash-input-wmi.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.