Add security module to winlogbeat

cyberdefenders · Aug 8, 2020 · 7b754d2 · 7b754d2
1 parent 760f25d
commit 7b754d2
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/Vagrant/scripts/install-winlogbeat.ps1 b/Vagrant/scripts/install-winlogbeat.ps1
@@ -5,6 +5,13 @@ If (-not ($service)) {
   choco install winlogbeat -y
 
   $confFile = @"
+processors:
+  - script:
+      when.equals.winlog.channel: Security
+      lang: javascript
+      id: security
+      file: `${path.home}/module/security/config/winlogbeat-security.js
+
 winlogbeat.event_logs:
   - name: ForwardedEvents
     ignore_older: 15m