Ok, so that goes back to my original question. How do I get the archived .evtx files into my Logstash then? It doesn't seem feasible to take tens of thousands of archived evtx files and manually add each one back into Event Viewer.