Hi team,
I have installed logstash 6.0.0 version in centos 6.9 server and also installed logstash-wmi-input plugin 3.0.3 version.
My Config file in /etc/logstash/conf.d/winsystem.conf
input {
wmi {
query => "select * from Win32_Process"
host => "10.1.1.117"
user => "fileshare\testuser"
password => "password-1"
}
}
Note: i did't get any windows logs file in logstash logfile location.But i am receiving following default log only
[2017-12-20T19:16:00,279][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>125}
[2017-12-20T19:16:00,301][INFO ][logstash.inputs.wmi ] Registering wmi input {:query=>"select * from Win32_Process"}
[2017-12-20T19:16:00,521][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
Please help me. If i need to do any configuration changes