Hey guys, I realized that the logs in the output folder C:\ProgramData\edrsvc\log\output_events, although they are a valid JSON, do not have a proper CRLF (carriage return line ending) (as you can see in line 57 below).
This is a bit problematic if you want to read the logs with Filebeat for instance. Is it possible to add a CRLF per line? Or even better that the JSON are not beautified (not pretty output)? That way we save time because there will be a JSON log per line with a proper carriage return.
pbasilcom
commented
3 years ago
Hey guys, I realized that the logs in the output folder C:\ProgramData\edrsvc\log\output_events, although they are a valid JSON, do not have a proper CRLF (carriage return line ending) (as you can see in line 57 below).
This is a bit problematic if you want to read the logs with Filebeat for instance. Is it possible to add a CRLF per line? Or even better that the JSON are not beautified (not pretty output)? That way we save time because there will be a JSON log per line with a proper carriage return.