Hi Forum
Just a noobie for this kind of setup, but a Linux nerd for 30+ years. I have built a server with Elasticsearch/Kibana and Logstash and am running into some issues.
From Linux I can collect the data/logs and visualize them through Elasticsearch/Kibana, and all Linux servers are delivering data, but I cannot manage to get the Windows servers to deliver the data.
I had some issues with the configuration of Filebeat on Windows, but now it's running. However, I cannot see any logs inside the ServerGUI, and it is not showing any type of contact with the server.
My Config for filebeat.yml looks like this:
filebeat.inputs:
- type: log
  enabled: true
  paths:
    #- /var/log/*.log
    - C:/ProgramData/Filebeat/Logs
output.logstash:
  hosts: ["FQDN:5044"]
And I have enabled the IIS and MySQL since these are the 2 services running on this server.
(Afterwards I have several more Windows servers that need to be added, but I would like to see data from this server before continuing.)
- module: iis
  #Access logs
  access:
    enabled: true
  error:
    enabled: true
- module: mysql
  #Error logs
  error:
    enabled: true
  #Slow logs
  slowlog:
    enabled: true
Can anybody see my mistakes or help me further with collecting this data from Windows? I cannot see these log entries anywhere on my server.
Thanks in advance