qjerome
commented
4 years ago Hi @zhammer ,
Sorry for the delay ! Maybe you already had the opportunity to test this by now, but normally yes you can do it.
Cheers,
Open zhammer opened 4 years ago
qjerome
commented
4 years ago Hi @zhammer ,
Sorry for the delay ! Maybe you already had the opportunity to test this by now, but normally yes you can do it.
Cheers,
i'm trying to set up some windows containers so that their windows event log directories are mounted to a shared volume with a sidecar task that monitors and ships directly from those log files.
is this possible with evtxmon? going to try this out on my own but thought i'd post the question here for added support.
(some background trying to get this up with another tool: https://discuss.elastic.co/t/winlogbeat-as-a-docker-sibling-sidecar-container/217409)