Winlogbeat record_number sequential count


We want to analyse how to use Winlogbeat to monitor security as a replacement for Splunk.

At the moment we have numerous questions on how to migrate from Splunk to Elasticsearch.

One question is how do we monitor the "record_number" parameter for a sequential number, or how do we monitor logs that have been dropped?

Thanks for any information you can provide.



Every Beat can be monitored using X-Pack monitoring. See more:

The number of dropped events is reported by each Beat and is visualized in Kibana.
View the functionality monitoring UI:

OK thanks, will take a look at how that works.
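For the `record_number` part of the question, a gap check over exported events is one option. The sketch below is an added example, not part of any post in this thread and not Elastic's code; it assumes events exported as one JSON object per line with the Winlogbeat 6.x field names `computer_name`, `log_name` and `record_number`, and the sample events are constructed.

```python
import json
from collections import defaultdict

# Constructed sample events (not real logs), one JSON document per line.
SAMPLE_NDJSON = """\
{"computer_name": "dc01", "log_name": "Security", "record_number": "1001"}
{"computer_name": "dc01", "log_name": "Security", "record_number": "1002"}
{"computer_name": "dc01", "log_name": "Security", "record_number": "1005"}
{"computer_name": "dc01", "log_name": "Security", "record_number": "1004"}
{"computer_name": "dc01", "log_name": "Security", "record_number": "1005"}
{"computer_name": "dc01", "log_name": "Security", "record_number": "1009"}
{"computer_name": "ws07", "log_name": "System", "record_number": "50"}
{"computer_name": "ws07", "log_name": "System", "record_number": "51"}
{"computer_name": "ws07", "log_name": "System", "record_number": "52"}
{"message": "document without Winlogbeat fields"}
"""

def find_gaps(lines):
    """Return {(computer_name, log_name): [(first_missing, last_missing), ...]}."""
    seen = defaultdict(set)
    for line in lines:
        if not line.strip():
            continue
        event = json.loads(line)
        try:
            key = (event["computer_name"], event["log_name"])
            seen[key].add(int(event["record_number"]))
        except (KeyError, TypeError, ValueError):
            continue  # not a Winlogbeat event, or record_number is unusable
    gaps = {}
    for key, numbers in seen.items():
        # A sorted set tolerates duplicate and out-of-order delivery.
        ordered = sorted(numbers)
        missing = [(a + 1, b - 1) for a, b in zip(ordered, ordered[1:]) if b - a > 1]
        if missing:
            gaps[key] = missing
    return gaps

def missing_count(gaps):
    """Total number of record numbers absent across all reported ranges."""
    return sum(hi - lo + 1 for ranges in gaps.values() for lo, hi in ranges)

if __name__ == "__main__":
    for (host, channel), ranges in find_gaps(SAMPLE_NDJSON.splitlines()).items():
        for lo, hi in ranges:
            print(f"{host} {channel}: records {lo}-{hi} missing ({hi - lo + 1})")
```

A gap only shows that records are absent from the export, not why: events excluded by the Winlogbeat configuration (for example an `event_id` filter) produce the same result as events lost in transit.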
