Skip to content

troplolBE/evtx-to-elk

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

evtx-to-elk

evtx-to-elk

 
 

executable

executable

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

evtx-to-elk.sln

evtx-to-elk.sln

 
 

Repository files navigation

evtx-to-elk

Visual Basic UI to help send evtx files to the ELK Stack. The program uses Winlogbeat to send the logs based on a custom config file.

Installation

To install and use the program you need to download the repo and open it with Visual Studio. Once openend, run the program or build it.

Usage

The executable is very simple to use and has a ver symple UI. The executable also checks for all the inputs in order to make sure that you can't crash it.

Script

Custom config

The custom config is a Yaml file that needs to contain 2 things.

  1. Mandatory part which looks like this

Mandatory part

  1. Custom part where you choose where winlogbeat has to send the evtx files

Custom part

My file sends data to Kafka topic winevent. This part is completely customised and should be changed to send it to where you need to send it. (Elasticsearch, Kibana, Logstash, etc)

About

Program to send logfiles to ELK using winlogbeat.

Topics

visual-basic elk winlogbeat elastic elk-stack logfile-upload evtx

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages