Alright..
I know Windows Server 2003 logs are not supported. But is it possible to solve?
I use a PowerShell script to collect Windows Server 2003 logs to a Windows Server 2022 machine, then I'm using Elastic Agent with a custom logs integration to collect logs from a path.
The problem is the file structure. It's separating the logs after " : "
Example below: instead of having 1 log file, I end up having 14 log files. Could it be possible to use grok and send it to Logstash, and if so.. how should I grok it?
Category : 0
CategoryString :
EventCode : 12503
EventIdentifier : 12503
TypeEvent :
InsertionStrings : {15}
LogFile : System
Message : The WinHTTP Web Proxy Auto-Discovery Service has been idle for 15 minutes, it will be shut down.
RecordNumber : 378808
SourceName : WinHttpAutoProxySvc
TimeGenerated : 20220425140525.000000+120
TimeWritten : 20220425140525.000000+120
Type : Information
UserName :