Hi
It would be a great help if you write it in a pattern that can be distinguished from kibana.
Thank you.
{"EventTime":"2017-08-12 10:33:15","Hostname":"ISCHOOL","Keywords":-9214364837600034816,"EventType":"AUDIT_SUCCESS","SeverityValue":2,"Severity":"INFO","EventID":4793,"SourceName":"Microsoft-Windows-Security-Auditing"}