Hi,
When i start winlogbeat and use logstash or direct output to my elk every second an indices is created with wrong timestamps and the server crashes.
I think something is wrong with the date notation but i cannot find it.
Every second am indice is generated and it counts the days as seconds.
Sounds like it could be an issue with your LS config. Please post the config you are using for both LS and Winlogbeat.
I found it, it was processing the whole event log, when i set the config to 1 day everything is ok.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
