I'm currently trying to integrate Winlogbeat into my Docker Compose stack, but I'm not really successful with it. The problem is that I normally download the current Logstash or Filebeat version (referenced in my docker-compose.yml). I want to do the same with Winlogbeat, but as I saw on the docker.elastic.co website, there is no image for doing that. Also, as I was searching how to integrate Winlogbeat into my stack, I couldn't find any helpful topics. I want to use Winlogbeat on my Linux stack by referencing local EVTX file archives. Is there currently a possibility to do so?
Thank you very much. I did not know that it is only available for Windows. Okay, I solved the problem by executing Winlogbeat on my Windows machine and passing the data via output to my ELK stack on my Linux machine via the right port.