Winlogbeat

How to install Winlogbeat on Windows

PS C:\Program Files\Winlogbeat> .\install-service-winlogbeat.ps1

# If script execution is disabled on the system, set the execution policy for the current session to allow the script to run
PowerShell.exe -ExecutionPolicy UnRestricted -File .\install-service-winlogbeat.ps1

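# Alternatively, change the execution policy persistently (without -Scope, Set-ExecutionPolicy applies to the whole machine)
PS C:\Program Files\Winlogbeat> set-executionpolicy remotesigned
PS C:\Program Files\Winlogbeat> set-executionpolicy Bypass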

PS C:\Program Files\Winlogbeat> .\winlogbeat.exe test config -c .\winlogbeat.yml -e

PS C:\Program Files\Winlogbeat> Start-Service winlogbeat
PS C:\Program Files\Winlogbeat> Get-Process | findstr winlogbe
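
The same steps wrapped in one function with checks after each step, as an added example (not from the original page or from Elastic). The function name Install-WinlogbeatChecked and the 30-second timeout are assumptions; the install path is taken from the prompt above. Paste it into an elevated PowerShell session.

```powershell
# Added example: hypothetical helper, not part of Winlogbeat.
function Install-WinlogbeatChecked {
    param([string]$InstallDir = 'C:\Program Files\Winlogbeat')

    # Registering a service requires an elevated session.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell session.'
    }

    Push-Location $InstallDir
    try {
        # The policy override applies only to this child process;
        # the persistent execution policy is left unchanged.
        & PowerShell.exe -ExecutionPolicy UnRestricted -File .\install-service-winlogbeat.ps1
        if ($LASTEXITCODE -ne 0) {
            throw "install-service-winlogbeat.ps1 exited with code $LASTEXITCODE."
        }

        # Validate winlogbeat.yml before starting the service.
        & .\winlogbeat.exe test config -c .\winlogbeat.yml -e
        if ($LASTEXITCODE -ne 0) {
            throw "winlogbeat.yml failed validation (exit code $LASTEXITCODE)."
        }

        Start-Service winlogbeat

        # Wait until the service reports Running (throws on timeout),
        # then return the service object so the caller sees its status.
        $svc = Get-Service winlogbeat
        $svc.WaitForStatus('Running', [TimeSpan]::FromSeconds(30))
        $svc
    }
    finally {
        Pop-Location
    }
}

Install-WinlogbeatChecked
```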
