I was trying to use Elastic Stack for forensics investigation purposes. I can parse 1 evtx file with no problem :
But I guess Winlogbeat doesn support multiple files :
Is there a built in way to do this because I didn't find clues in the Documentation ?
Thank You
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
