I am concern with the winlogbeats sending information in the uncompressed form. Is there a way to set it to apply compression for sending information to elastic search?

(Tudor Golubenco) #2

If you want compression, you could use Winlogbeat -> Logstash -> Elasticsaerch. The Logstash output in Beats supports compression.


Thank you for your reply.

Just a clarification, is logstash output part of winlogbeat? Can I ensure that the winlogbeat client can send out information that is already compressed?

(system) #4