How can I send logstash logs to windows event?

Yusuf_Karatoprak · March 23, 2018, 10:44am

I am trying to add logstash logs to windows logs? I got an error, @jdno helped me to getrid of error.

Other question :

On the other hand; I want to write logs to windows event logs by using win32/eventlog.(https://github.com/chef/win32-eventlog) Error: Ruby exception occurred: uninitialized constant Win32::EventLog::INFO.

How can I solve this? My logstash.conf file :


    
input {
  file {
    type => "json"
    path => ["C:/Temp/logs/*.json"]
    start_position => "beginning"
    codec => "json"
    discover_interval => 120
	stat_interval => 60
	sincedb_write_interval => 60
	close_older => 60
  }
}
filter {
mutate {
    remove_field => [ "path" ] 

}
 ruby {
    code => "
	  require 'win32/eventlog'
      logger = Win32::EventLog.new
      logger.report_event(:event_type => Win32::EventLog::INFO, :data => 'a test event log entry')
     "
}

}
output {
    stdout {
        codec => rubydebug
    }

	elasticsearch {
       hosts => ["http://loguser:xxxxx_2017@192.169.5.84:333"]
	   index => "logstash-%{+YYYY.MM}"
    }
}

system · April 20, 2018, 10:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to add a ruby code inside of the logstash config file? Logstash	4	1608	April 19, 2018
How to send log to windows event by using logstash ELK? Logstash	1	324	April 3, 2018
Logstash eventlog Logstash	2	1194	July 6, 2017
How to collect windows event logs using Logstash? Logstash	5	8155	July 17, 2017
How can I send my custom Windows AD server event logs to Logstash? Logstash	1	2073	June 1, 2017

How can I send logstash logs to windows event?

Related topics