Logon auditing of Active Directory users with Elasticsearch and Grafana

A common request we get is to be able to see the logons and other interesting information that a user can generate. In this post we will see how to visualize data such as: when they logged in, when they closed the session, incorrect login attempts, when a computer has been locked or unlocked, or when the screensaver has started or been deactivated…

Redirecting Event Viewer events from Windows computers to Elasticsearch with Winlogbeat and viewing with Grafana

Well, now that we have set up our platform with Elasticsearch, Logstash and Kibana, in this first post we are going to analyze the Event Viewer events of our Windows computers using Winlogbeat! We'll install the small agent and send the events we choose to Logstash to be processed and stored in Elasticsearch, and then we will visualize them with Grafana!