Repository navigation
winlogbeat
- Website
- Wikipedia
🐠 Beats - Lightweight shippers for Elasticsearch & Logstash
Windows Events Attack Samples
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
Universal Winlogbeat configuration
[DEPRECATED] Elastic Beats Input plugin for Graylog
Collector plugin for Graylog
Burnham Forensics ELK Deployment Files
writeup about sending Logstash data to Splunk using the HTTP Event Collector
Official repository for code snippets from Data Engineering for Cybersecurity, No Starch Press, July 2025
LogFlow é uma aplicação ETL (Extração, Transformação e Carregamento) especializada em processamento de logs
Repository for custom applications that automate the downloading, installation, and running of various Beats into Vizion.ai Elasticsearch.
A lightweight SIEM solution using the ELK stack, Docker, Winlogbeat and Sysmon for efficient log collection and analysis.
Ansible role to install winlogbeat for security monitoring.
Program to send logfiles to ELK using winlogbeat.
Graylog extractor for Microsoft Teams Rooms Devices
Integrated Windows endpoint log management (Docker + ELK(ElasticSearch, Logstash, Kibana) + Winlogbeat based)
Install/Configure Elastic Winlogbeat through Chef
Materials and install for my talk about getting your ETL flow under Statistical Process Control
Easy installation/update of Winlogbeat via Domain Controller and WinRM.
This Docker project deploys a single-node ELK stack with Logstash, offering the flexibility to add custom pipelines as needed. It includes a preconfigured Winlogbeat pipeline for collecting logs from Windows systems. This setup is intended for testing and research purposes only, not for production use.