How to monitor a file for its version, code signature etc

I would like to monitor files inside a directory for the file description like version, code signature etc. without uploading the files to Elastic Search. I found this File fields but not sure how to add these fields in filebeat.yml. Any sample will be great.

Monitoring files can be done with Auditbeat: File Integrity Module | Auditbeat Reference [7.10] | Elastic

Thanks, I tried auditbeat and getting the following fields only. No as mentioned in the link .. PE Header Fields | Elastic Common Schema (ECS) Reference [1.7] | Elastic

fields.type, file.ctime, file.drive_letter, file.extension, file.hash.sha1, file.inode, file.mime_type, , file.mtime, file.owner, file.path, file.size, file.type, file.uid

Do I need to enable any other module to get* ?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.