I am a beginner with the elastic stack and trying to learn and understand all the capabilities/features. I have successfully installed winlog on one machine and I want to installt it on 10 more machines and see how I like elk in my environment. For this purpose should I need to login to each machine and run the powershell commands or can I automate the process? Any MSI packages available or any scripts that I can make use of?
1 Like
Well, I'm no windows user myself, but I found this: https://chocolatey.org/packages/winlogbeat.
Please note, this package is no official and is thusly not supported by elastic.
You could use Ansible for this. It has pretty good Windows support. You can write a role for Winlogbeat that
- downloads using
win_get_url, - unzips the package to C:\Program Files\Winlogbeat using
win_unzip, - executes the install scripts with
win_shell, - writes your custom config based on a template or file copy with
win_templateorwin_copy, - then starts the service with
win_service.
We use Ansible to automate installing Beats on various operating systems to conduct testing.
There are probably some existing roles people have open sourced that you can use to guide your development.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.