Thanks @Stefan Kupstaitis-Dunkler, I marked best answer and I will create a new question for this problem . Can you provide location of these log file? I confused that Can I use metron for Collect windows and linux hosts and network devices log for security purpose ? ( Threat detection and etc) Please accept my thanks for your helps
... View more
Hi @Stefan Kupstaitis-Dunkler I Installed winlogbeats on Windows workstation with below config : output.logstash:
hosts: ["nifi.node.srv:5098"] and I use this nifi processors to stream event to metron listenbeats config : Publishkafka cofig : Nifi Data provenance in publishkafka processor : and I create sensor in Management UI with logstash parser and winlogtop topic ( kafka) . now I can't see any log data in alert UI . what's problem ? Thanks
... View more
hi @Stefan Kupstaitis-Dunkler, Thank you so much for your answer , if I have 5 windows server and workstation , I should install nifi on each host or I can use one nifi server for all hosts ? How to send data ( event log) to nifi ?
... View more
Hi I want to send Windows event log to HCP ( with any agent like winlogbeats or etc ) but I don't know how to do this ? can you provide solution ? Thanks
... View more
Hi @asubramanian , Yes , I installed python-requests but nothing changed. Python module version that installed on server : urllib3==1.24.1
pyOpenSSL==18.0.0
requests==2.6.1 I have this problem with HCP 1.7.1 On CentOS 7.
... View more
