Winlogbeat
Winlogbeat ships Windows event logs to Elasticsearch or Logstash. It reads from one or more event logs using Windows APIs, filters events based on user-configured criteria, and sends event data to configured outputs. It can capture application, hardware, security, and system events and can be installed as a Windows service.
Follow to track new versions in your feed.
Overview
0
Version & Lifecycle
0
Community Notes
Winlogbeat – Command-line note
For unattended deployment of the Winlogbeat MSI, you can install it silently and pre-stage configuration by wrapping the vendor MSI with a script that: 1) runs the MSI with standard silent options (for example via msiexec /qn in your tool of choice), 2) drops a managed winlogbeat.yml into C:ProgramDataElasticBeatswinlogbeatwinlogbeat.yml, and 3) then starts the installed Windows service that the MSI creates but does not start by default.
Release Notes & Updates
0
Avg cadence: —
Next anticipated release: —
Updates • 0
Help us match vulnerabilities
No vulnerability match yet. Pick the right product:
Looking for matching products…
Don’t see it? Paste a CPE
Also known as
Other names people use for this app — helps search and matching.
Winlogbeat
Sign in to suggest a name.
