Hello ,
I have a complete setup of ELK stack on Ubuntu server 14.04. Also I have installed winlogbeat 5.3 on another windows 7 host. winlogbeat is not collecting application logs. Only logs i could see on kibana is of winlogbeat service start and stop events. Please see the winlogbeat.yml config file.
Can you please help me out.
Thanks in advance.
You need to specify the log you want to collect in the config file:
In your case, you want the Application Event logs, add this below your System entry:
So, the snippet in your config file should look similar to this:
event_logs:
- name: Application
ignore_older: 72h
- name: Security
- name: System
Issue resolved. Thanks.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.