Winglogbeat Firewall Rule #11382
Winglogbeat Firewall Rule
#11382
Replies: 1 comment
-
|
Are you using Security Onion 2.4? If so, then you should be using Elastic Agent instead of Winlogbeat: |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I am installing winlogbeat to ship logs to security onion, but it looks like sdo so-allow is not longer a command.
I also am checking firewall underneath the configuration in the management console but don't see a log stash option.
What group name does it fall under? Did anything else change for shipping winlogbeat logs?
Beta Was this translation helpful? Give feedback.
All reactions