Hello,
I have installed Sysmon on a Windows machine using the command:
==> sysmon.exe -i -accepteula -h md5,sha256,imphash -l -n
And then I restarted Winlogbeat. In the Winlogbeat log everything is working well, and I have logs like this:
020-11-26T14:45:30.485+0100 INFO beater/eventlogger.go:88 EventLog[Microsoft-Windows-Sysmon/Operational] successfully published 1 events
But when I go to Kibana, I am not seeing any Sysmon logs.
Can you tell me what the problem is, please?
Thanks for your help