Hello,
I have installed Sysmon on a Windows machine using the command:
sysmon.exe -i -accepteula -h md5,sha256,imphash -l -n
And then I restarted winlogbeat. In the winlogbeat log everything is working well, and I have logs like this:
020-11-26T14:45:30.485+0100 INFO beater/eventlogger.go:88 EventLog[Microsoft-Windows-Sysmon/Operational] successfully published 1 events
But when I go to Kibana I am not seeing any Sysmon logs, as shown in this picture.
Can you tell me what the problem is, please?
Thanks for your help