AARNet will provide a configuration file that includes connection information that you’ll need for WEC servers. Check that you have this
winlogbeat.yml file available – if not, ask your SOC contact.
- Replace the
winlogbeat.ymlfile in the Winlogbeat installation directory with the
winlogbeat.ymlfile provided by AARNet.
- Test it with this command in PowerShell:
.\winlogbeat.exe test config -c .\winlogbeat.yml -e
The output should look like this:
PS C:\Program Files\Winlogbeat> .\winlogbeat.exe test config -c .\winlogbeat.yml -e