Prerequisites
AARNet will provide a configuration file that includes connection information that you’ll need for WEC servers. Check that you have this winlogbeat.yml
file available – if not, ask your SOC contact.
Configure Winlogbeat
- Replace the
winlogbeat.yml
file in the Winlogbeat installation directory with thewinlogbeat.yml
file provided by AARNet. - Test it with this command in PowerShell:
.\winlogbeat.exe test config -c .\winlogbeat.yml -e
The output should look like this:
PS C:\Program Files\Winlogbeat> .\winlogbeat.exe test config -c .\winlogbeat.yml -e
Config OK