Hi everyone,
I'm pretty new in ELK Stack and I would like to know if is there any grok pattern for windows events. I'm shipping events to ELK stack with Winlogbeat by sending Application, security and system events.
Hi,
winlogbeat has a definition for windows events. I suggest you to check the official doc of winlogbeat in the filter section
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.