Winlogbeat - multiple output

iccMe · September 10, 2020, 7:28am

Hi,

I am wondering if it is possible to have a winlogbeat output to multiple events? So ideally I would like it to ship to my elasticsearch cluster but also output to a file (ideally a flat file) if anyone knows if that is possible?

thanks

Ian

MarianaD · September 10, 2020, 9:30am

hi @iccMe, unfortunately, Winlogbeat or any other beat doesn't support multiple output. (we briefly mention in the docs https://www.elastic.co/guide/en/beats/winlogbeat/current/configuring-output.html).
You might have to run a second instance of Winlogbeat or look into the possibility of sending the data to Logstash and then to multiple outputs.

system · October 8, 2020, 11:31am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
1 WEF and 2 separate outputs in winlogbeats Beats winlogbeat	3	956	May 28, 2018
A question about Winlogbeat configuration Beats winlogbeat	5	682	September 20, 2017
Run two winlogbeat instances on the same machine Beats winlogbeat	4	2015	January 18, 2021
Configure file beat to multiple output Beats filebeat	2	25283	July 1, 2020
Metricbeat -> Filebeat -> Logstash Beats filebeat	2	447	April 8, 2020

Winlogbeat - multiple output

Related Topics