normalize winlogbeats with fluent bit winlog/winevtlog #604

Closed
mmguero opened this issue Oct 29, 2024 · 1 comment
Labels: enhancement (New feature or request); external (Depends on a bug or feature external to this project); host logs (Related to Malcolm's processing of host logs forwarded from external forwarders)
Comments

mmguero (Collaborator) commented Oct 29, 2024

The documentation describes setting up Beats to forward to Malcolm.

We need to do the following:

  • Verify that the documentation is (still?) correct and accurate.
  • For winlogbeat specifically, we should look into normalizing its output so that the Windows event logs from fluent bit's winlog and winevtlog, the EVTX files uploaded and parsed, and what winlogbeats puts out are all apples to apples as much as possible (and the dashboards work pretty much the same for all three).
@mmguero mmguero added enhancement New feature or request external Depends on a bug or feature external to this project labels Oct 29, 2024
@mmguero mmguero added this to the z.staging milestone Oct 29, 2024
@mmguero mmguero added this to Malcolm Oct 29, 2024
@mmguero mmguero added the host logs Related to Malcolm's processing of host logs forwarded from external forwarders label Oct 29, 2024
@mmguero mmguero moved this to Todo (investigate) in Malcolm Oct 29, 2024
mmguero (Collaborator, Author) commented Nov 4, 2024

Kamino closed and cloned this issue to cisagov/Malcolm

@mmguero mmguero closed this as completed Nov 4, 2024
@github-project-automation github-project-automation bot moved this from Todo (investigate) to Done in Malcolm Nov 4, 2024
@mmguero mmguero moved this from Done to Migrated in Malcolm Nov 5, 2024
Projects: Malcolm (Status: Migrated)
Development: No branches or pull requests
1 participant