Collect Windows logs with Winlogbeat

  • Move the Winlogbeat folder to C:\Program Files\
  • Run PowerShell with administrator privileges
  • Go to the Winlogbeat directory with the cd command
ELK Server IP

Orhan Öztaş

Blue Team Member. I write articles to help you with cyber security.