Current Winlogbeat version 7.x didn't work on windows server 2022

Graylog2 / collector-sidecar

Manage log collectors through Graylog

https://www.graylog.org/

Other

268 stars 56 forks source link

Current Winlogbeat version 7.x didn't work on windows server 2022 #426

Closed xud6 closed 1 year ago

xud6 commented 2 years ago

Problem description

Current Winlogbeat version 7.x.x didn't work on windows server 2022 according to elastic support of windows server 2022 start with 8.x.x

Steps to reproduce the problem

Install sidecar on windows server 2022 machine
setup winlogbeat
collected log is corrupted

Environment

Sidecar Version: 1.1.0
Graylog Version: 4.2.6
Operating System: debian 11 on server, windows server 2022 on where sidecar installed
Elasticsearch Version: 7.10.2
MongoDB Version: 4.2.18

xud6 commented 2 years ago

I tried to solve the problem by upgrade the winlogbeat binary to 8.1.2. But source field became unknow after this.

c3rberus commented 2 years ago

The version of winlogbeats shipped is 7.11.1 and that is dated, released on Feb 17, 2021. I too am curious if there are plans to upgrade thecollector-sidecar with latest winlogbeats? When will latest 8.x release be supported?