Winlogbeat - multiple output

iccMe · September 10, 2020, 7:28am

Hi,

I am wondering if it is possible to have a winlogbeat output to multiple events? So ideally I would like it to ship to my elasticsearch cluster but also output to a file (ideally a flat file) if anyone knows if that is possible?

thanks

Ian

MarianaD · September 10, 2020, 9:30am

hi @iccMe, unfortunately, Winlogbeat or any other beat doesn't support multiple output. (we briefly mention in the docs https://www.elastic.co/guide/en/beats/winlogbeat/current/configuring-output.html).
You might have to run a second instance of Winlogbeat or look into the possibility of sending the data to Logstash and then to multiple outputs.

system · October 8, 2020, 11:31am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
1 WEF and 2 separate outputs in winlogbeats Beats winlogbeat	3	956	May 28, 2018
A question about Winlogbeat configuration Beats winlogbeat	5	682	September 20, 2017
Logstash mirror output Logstash	15	3162	June 9, 2017
Can we configure Winlogbeat to send logs to multiple Logstash instances? Beats winlogbeat	6	3430	August 23, 2018
Auditbeat with multiple outputs Beats auditbeat	3	1059	November 4, 2022

Winlogbeat - multiple output

Related topics