I was able to successfully setup ELK on a server and it is working great.
Now, I'd like to read windows event logs from a bunch of remote servers. However, I do not want to install anything on those servers in order to send event logs to my logstash server. Is there any way I can accomplish that ?
Maybe? https://msdn.microsoft.com/en-us/library/cc748890.aspx
I don't know what format that is though, so you'd have to try it.
Most people use nxlog at the moment.
Thank you for your response Mark.
I am also looking into Couchbase as an alternative, because we already use that on our production servers. I will look into the MSDN link you provided.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.