Hi - I'm new to ELK-Stack, I've managed to install & config the ELK stack on Ubuntu server (I'm a professional Linux sysadmin...) and to setup the winlogbeat on a windows client, I wonder if there is a way to send logs from Windows machines to my ELK-Server without using / installing the agents on Windows clients
Thanks
Hello,
There are a few ways to send data from windows machines to Elasticsearch:
- Use Winlogbeat
- Use Filebeat for text log.
- Use Nxlog to Logstash and to Elasticsearch
The easiest way is Winlogbeat / Filebeat, Is there any specific reason why you don't want to run theses agent on the windows machines?
Hi Pier
My company gives a third party security services so the Windows machines are owned by my clients, I would like to avoid installing agents if it's possible, if there is no other option I'll user winlogbeat
Thanks for the clarification @Roy_Binderman,
Sadly there is no out of the box solution, so winlogbeat would be the way to go!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.