Hi Team,
I am using Filebeat agent to get logs from an S3 bucket in my AWS Account and push them into Elasticsearch for visualisation.
I wish to also collect some logs from EC2 instances of OS Linux or Windows (syslogs and win events )
Can filebeat agent be used to achieve this? Or do we require some different agent?
Also, is there a way to push this output from the Beats agent to an S3 bucket along with sending to Elasticsearch stack?
The system module is designed exactly for this 
Thanks for the prompt reply Mark.
I see that the System module does not support windows logs, will I have to install Winlogbeat agent?
Also, can these logs be sent to an S3 bucket after retrieval?
If by Windows logs you mean things in event viewer, yes you need Winlogbeat.
Neither Filebeat and Winlogbeat support output to s3, you would need to use something like Logstash to do that.
Thanks Mark. This helps.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.