I am new to the Elastic Stack and don't know much about Grok or how to construct patterns.
Today is my second day of reading about the Elastic Stack, particularly LogStash. I would like to play with it in order to learn more about it. So, I am going to install WinLogBeat->LogStash->ElasticSearch->Kibana.
I am done with WinLogBeat. Now, I am going to install LogStash (everything on one server). However, I am encountering some issues when unzipping LogStash-2.2.2, as follows:
An unexpected error is keeping you from copying the file. If you continue to receive this error, you can use the error code to search for help with this problem.
Error 0x80004005L Unexpected error
Type: RB file
Date modified: 2016-02-18 1:48 AM
Size: 1.24 KB
I have similar errors for other "rb" files. I don't know what "rb" means.
Second, I am looking for a Grok pattern for Windows Event Logs (application, system, ...). Can someone direct me to one, please? I was looking at the page https://github.com/logstash-plugins/logstash-patterns-core/blob/master/patterns/grok-patterns and found nothing there.
Your help is greatly appreciated.