Timestamp data is missing from winlog beat to logstash

Harish_Babu_B · August 27, 2019, 9:59am

Hii friends
I am trying to collect the data sent from the winlog beat to the logstash. while i'm doing it i'm unable to get the timestamp of the event generated. I'm getting only the message but I also need timestamp to do some analysis. please help me in receiving the timestamp from the log at logstash.
Below is the winlog beat configuration
winlogbeat.event_logs:

name: Application
ignore_older: 1h
name: Security
ignore_older: 1h

- name: Active Directory Web Services

name: System
ignore_older: 1h
fields_under_root: true
#----------------------------- Logstash output --------------------------------
output.logstash:
hosts: ["VM IP:5044"]
#loadbalance: true
#ssl.enabled: true

logging.to_files: true
logging.files:
path: C:\ProgramData\winlogbeat\Logs
logging.level: info

thank you

Suzan748 · August 27, 2019, 10:21am

Let me check this issue. I'll be back wait tellsubway.

Harish_Babu_B · August 28, 2019, 4:22am

yeah sure Thank you. Please let me know if you know any?

system · September 25, 2019, 4:22am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.