Best practices for the log shipper selection of Windows eventlog

AME · April 9, 2023, 8:03am

Hi all,
currently I use OpenSearch with Logstash and Nxlog. Are there any best practices or recommendations on which log shipper is best to use?
I primarly want to use Security Analytics for Windows logs.
Thx

Gsmitt · April 12, 2023, 4:13am

Hey @AME

I use both but for Windows I perfer Winlogbeat. Depend on how much room you have, Winlogbeat can get pretty chatty.

nasrullonurullaev · February 7, 2024, 5:08pm

Hi Ame!
I have question how are you using Logstash in Windows?
I mean there are no Logstash for Windows - Only for Linux and MacOs

jst · February 8, 2024, 7:59am

I guess, he uses this version of Logstash…?

Topic		Replies	Views
Beats are now deliberately "broken" on ElasticSearch 7.10 and newer OpenDistro	2	1239	June 4, 2021
Which filebeat can be use with Opensearch OpenDistro discuss	1	908	January 31, 2022
What log sources do you need for Security Analytics Security Analytics	5	505	June 20, 2023
Winlogbeat + security module analytics: data growup Security Analytics	2	428	August 19, 2023
Lots of beginner questions OpenDistro	11	1812	June 14, 2021

Best practices for the log shipper selection of Windows eventlog

Related Topics