logagent-input-windows-events

Plugin to collect windows events

Usage no npm install needed!

<script type="module">
  import logagentInputWindowsEvents from 'https://cdn.skypack.dev/logagent-input-windows-events';
</script>

README

logagent-inpt-windows-events

Plugin for Logagent to collect windows events

  1. Install logagent 2.x
npm i -g @sematext/logagent
  1. Install this plugin
npm i -g logagent-input-windows-events  
  1. configure logagent
input:
  windowsEvent:
    module: logagent-input-windows-events 
    intervall: 10
    providers: 
      - Microsoft-Windows-Security-SPP
      - Microsoft-Windows-Security-Auditing
      - Microsoft-Windows-DNS-Client
      - Service Control Manager
      - Microsoft-Windows-Kernel-General
      - MsiInstaller
      - Microsoft-Windows-RestartManager
      - Microsoft-Windows-CAPI2

output:
  elasticsearch:
    url: http://localhost:9200
    index: logs
  1. Start logagent
logagent-windows --config myconfig.yml
  1. Result in Kibana