Winlogbeats path based on date

witkacy · April 15, 2021, 12:49am

Hello,

Is it possible put result logs to file/folder with name based on actual time?

So that for each day I would have separate folder with logs like

c:/tmp/20210415/logFile1...
c:/tmp/20210416/logFile1...
c:/tmp/20210417/logFile1...

winlogbeat.event_logs:
  - name: test
    ignore_older: 1h
    processors:
      - drop_fields:
            fields: ["host", "log", "event", "winlog"]
      - drop_event:
            when:
                not:
                    contains:
                        message: StatusCode=200 OK
      
setup.template.settings:

setup.kibana:

output.file:
  path: "C:/tmp/test_log_new" 
  filename: winlogbeat

mtojek · April 15, 2021, 8:35am

I'm afraid that you have to configure a custom logrotation mechanism, additionally to filebeat or simply push your data further to ES.

system · May 13, 2021, 10:35am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Upload Windows Event Logs Beats filebeat , winlogbeat	5	1179	March 3, 2022
Winlogbeat does not have a proper timestamp field Beats winlogbeat	6	2046	October 6, 2016
Winlogbeat only last log shows in Kibana Beats winlogbeat	6	485	November 29, 2018
Filebeat Logs rotating filename with data pattern Beats filebeat	3	244	April 14, 2021
Repeat testing/simulation with fixed log scenarios Beats	6	694	September 6, 2019

Winlogbeats path based on date

Related topics