elasticmachine
commented
6 months ago Pinging @elastic/integrations (Team:Beats)
Open ash-darin opened 6 months ago
elasticmachine
commented
6 months ago Pinging @elastic/integrations (Team:Beats)
Describe the feature: it is possible to set the language of the log message requested by winlogbeat:
https://www.elastic.co/guide/en/beats/winlogbeat/current/configuration-winlogbeat-options.html#_event_logs_language
This is desireable if you have an environment with mixed systems (e.g. spanish, german, english).
but
this fails, in some cases,when the desired language can not be provided, as demonstrated by this network driver:
2024-03-05T14:15:16.319+0100 WARN eventlog/wineventlog.go:359 WinEventLog[System] error salvaging message (event id=32 qualifier=24580 provider="e1dexpress" created at 2024-03-04 23:54:21.2154663 +0000 UTC will be included without a message): failed in EvtFormatMessage: The message resource is present but the message was not found in the message table.In these cases winlogbeat should fall back to system language. It is currently not possible to set this.
Describe a specific use case for the feature: Basically any environment with mixed systems (e.g. desktops installed in local language, servers in en-US) would profit from such a handling.