WinlogBeat DNS analytical log capture

hi all,

So the latest version of WinlogBeat now support all windows event logs. Currently i'm collecting (example below) across the my company. I would also like to collect the DNS analytical log, however i'm not sure how to dirive the name of this log, could someone help me out?

Current config example:
name: Application
ignore_older: 1h

  • name: Security
    ignore_older: 1h
  • name: System
    ignore_older: 1h
  • name: Setup
  • name: Microsoft-Windows-Windows-Firewall With Advanced Security/Firewall
  • name: Microsoft-Windows-Windows-Firewall With Advanced Security/FirewallVerbose
  • name: Microsoft-Windows-Windows-TaskScheduler/Operational
  • name: Microsoft-Windows-PowerShell/Operational

The only related topic i could find:

Statement from WLB - "any channel"

Analytic and Trace logs require a different API than what Winlogbeat uses.

2 Likes

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.