Hello
Am facing a wired issue, After the installation of winlogbeat on two servers , both of them are generating only a few number of logs. Most of the time the servers are not logging anything.
Any idea ?
Regards
Sumesh MS
Are you referring to the log output of Winlogbeat (i.e. the contents of C:\ProgramData\winlogbeat\Logs\winlogbeat.log)?
No, logs on windows server, which is accessible over Windows Event Viewer.
Regards
Sumesh
So if I understand correctly, the number of event log records being generated by Windows and other applications decreased after you installed Winlogbeat?
Winlogbeat doesn't do anything more that read event records from logs using the Windows APIs so I can't hypothesize any way Winlogbeat could affect the generation of event log records by the OS or other applications.
Thanks, I do understand. But the issue is only having for server where winlogbeat is installed.
Regards
Sumesh
Do you have any measurements of the number of events per day per source? You can use Get-EventLog and some PowerShell scripting to make some measurements.
Hello Andrew
I can measure the number of logs generated in the windows servers. Now a days those are in hundreds. I am pretty sure I was getting thousands of logs before.
Regards
Sumesh
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.