Hello,
I'm working on a ELK server to monitor a windows server 2008 R2 farm. I installed Winlogbeat agent on my client servers and it works pretty good with windows event logs.
I want to go further and ship logs from log files (for example C:\Windows\WindowsUpdate.log) to logstash.
Is it possible to ship other log than windows event logs with winlogbeat?
Thanks in advance and sorry for my english 
Franck
You could probably use Filebeat for something like that. https://www.elastic.co/products/beats/filebeat
Oh, I thought filebeat not working with windows !
Have it always worked with?
I'm sure i've already tried filebeat for windows and been blocked for this reason...
Whatever, thank you for your answer, i will try this
Franck
It works 
thank you !
1 Like
On all our windows servers we need to read both windows event logs and regular log files. This means we would need to manage two shipping agents on all the windows servers.
Is there a plan to make Winlogbeat able to read regular log files?
Thank you