Skip to content

themarcusaurelius/Winlogbeat

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
winlogbeat
winlogbeat
 
 
README.md
README.md
 
 
installWinlogbeat.ps1
installWinlogbeat.ps1
 
 
uninstallWinlogbeat.ps1
uninstallWinlogbeat.ps1
 
 

Repository files navigation

A Lightweight Shipper For Windows Event Logs.

Keeps a pulse on what's happening across Windows-based infrastructure. Winlogbeat streams Windows event logs to your Vizion Elastic App.

Installation:

Windows:

  1. As administrator, enter the following command in Powershell or download the zip file here.
Start-BitsTransfer -Source 'https://github.com/themarcusaurelius/Winlogbeat/archive/master.zip' -Destination 'C:\Users\Administrator\Downloads\Winlogbeat.zip'

  1. Unzip the package and extract the contents to the C:/ drive.

  2. Back in Powershell, CD into the extracted folder and run the following script:

.\installWinlogbeat.ps1
  1. When prompted, enter your credentials below and click OK.
Kibana URL: _PLACEHOLDER_KIBANA_URL_
Username: _PLACEHOLDER_USERNAME_
Password: _PLACEHOLDER_PASSWORD_
Elasticsearch API Endpoint: _PLACEHOLDER_API_ENDPOINT_

This will install and run winlogbeat.

Data should now be shipping to your Vizion Elastic app. Check the Discover tab in Kibana for the incoming logs

Example Dashboard

The dashboards are provided as examples. We recommend that you customize them to meet your needs.

Imgur

About

Winlogbeat

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages