-
## **BEFORE CREATING THE ISSUE, CHECK THE FOLLOWING GUIDES**:
- [ ] [FAQ](https://github.com/cisagov/LME/blob/main/docs/markdown/reference/faq.md)
- [ ] [Troubleshooting](https://github.com/cisag…
-
I use the flatline rule to determine that one of my indices has no new data.
`es_host: es.dev.sxc`
`es_port: 80`
`name: "winlogbeat is running"`
`#index: winlogbeat-6.4.2-%Y.%m.%d`
`#use_strftime…
idlej updated
5 years ago
-
The overview page has stats about various data sources. For Winlogbeat I think it would be good to show the number of events Winlogbeat is getting from the `Security` and `Microsoft-Windows-Sysmon/Ope…
-
The [default winlogbeat sysmon pipeline](https://github.com/elastic/beats/blob/b4ff53ce2b2d0037faa58d88afa2afbdc82d3033/x-pack/winlogbeat/module/sysmon/ingest/sysmon.yml#L691) values for the network d…
-
While deployment of Winlogbeat seems fine within Salt, and installed the module within the Windows Servers, it fails to start the service.
### Setup
```
copy_files:
file.recurse:
- source:…
-
## What?
Graylog disallows message fields that do not adhere to a specific pattern: https://github.com/Graylog2/graylog2-server/blob/496233da162a439a1e1cb6b63b6485bad7720c5a/graylog2-server/src…
-
queue_size has been removed. Is there a way to configure this module so as to leave this parameter out?
C:\Program Files\winlogbeat>.\winlogbeat.exe
winlogbeat2018/02/27 21:07:21.122998 beat.go:63…
-
From Adam's comments:
Check if we are loading the elasticsearch ingest node pipelines from the winlogbeat setup command and that logstash is configured to use the ingest node pipelines.
Reference t…
-
We run into an issue where the Agent is not able to keep up with the Windows Events received. We did not have this problem when we were using Winlogbeat. I would like to ask two things.
1. Has the …