Current Winlogbeat version 7.x didn't work on Windows Server 2022

Open xud6 opened this issue 2 years ago • 2 comments

Problem description

Current Winlogbeat version 7.x.x didn't work on Windows Server 2022. According to Elastic, support of Windows Server 2022 starts with 8.x.x.

Steps to reproduce the problem

  1. Install sidecar on a Windows Server 2022 machine
  2. Set up Winlogbeat
  3. Collected log is corrupted

Environment

  • Sidecar Version: 1.1.0
  • Graylog Version: 4.2.6
  • Operating System: Debian 11 on server, Windows Server 2022 where sidecar is installed
  • Elasticsearch Version: 7.10.2
  • MongoDB Version: 4.2.18

xud6, Apr 13 '22 01:04

I tried to solve the problem by upgrading the Winlogbeat binary to 8.1.2, but the source field became unknown after this.

xud6, Apr 13 '22 02:04

The version of Winlogbeat shipped is 7.11.1 and that is dated, released on Feb 17, 2021. I too am curious if there are plans to upgrade the collector-sidecar with the latest Winlogbeat? When will the latest 8.x release be supported?

c3rberus, Jun 02 '22 23:06