Hello community,
for security reasons I have some eventlogs encrypted with an certificate.
Windows native its possible to decrypt them in order to get access again.
Is it also possible with winlogbeat or filebeat?
Best regards
There is no native feature in the Beats yo do that.
Hi @legoguy1000
thanks for the info. This would be a nice feature request pointing to endpoint security / environment security
Best Regards.
The problem with that is there are so many ways this would be approached, I don't think it would be sustainable. Are you talking about encrypted files, windows event logs, encrypted text within log files, encrypted syslog.....?
in my case - just the encrypted windows event logs
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.