For a while, I've been shipping events from winlogbeat to logstash and then to elastic. I used my own, very basic template. I cannot figure out how to load the winlogbeat template to elastic. Is it possible to do this while sending the data to Logstash?
Yes, it is possible. You should run the setup subcommand of Winlogbeat: Load the Elasticsearch index template | Winlogbeat Reference [7.16] | Elastic
Let me know how it goes.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.