How can I send logstash logs to windows event?

Yusuf_Karatoprak · March 23, 2018, 10:44am

I am trying to add logstash logs to windows logs? I got an error, @jdno helped me to getrid of error.

Other question :

On the other hand; I want to write logs to windows event logs by using win32/eventlog.(https://github.com/chef/win32-eventlog) Error: Ruby exception occurred: uninitialized constant Win32::EventLog::INFO.

How can I solve this? My logstash.conf file :


    
input {
  file {
    type => "json"
    path => ["C:/Temp/logs/*.json"]
    start_position => "beginning"
    codec => "json"
    discover_interval => 120
	stat_interval => 60
	sincedb_write_interval => 60
	close_older => 60
  }
}
filter {
mutate {
    remove_field => [ "path" ] 

}
 ruby {
    code => "
	  require 'win32/eventlog'
      logger = Win32::EventLog.new
      logger.report_event(:event_type => Win32::EventLog::INFO, :data => 'a test event log entry')
     "
}

}
output {
    stdout {
        codec => rubydebug
    }

	elasticsearch {
       hosts => ["http://loguser:xxxxx_2017@192.169.5.84:333"]
	   index => "logstash-%{+YYYY.MM}"
    }
}

system · April 20, 2018, 10:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.