上QQ阅读APP看书,第一时间看更新
Winlogbeat
In order to install Winlogbeat, we need to follow these steps:
- Download the Winlogbeat ZIP file from the downloads page.
- Extract the contents into C:\Program Files.
- Rename the winlogbeat-<version> directory to Winlogbeat.
- Open a PowerShell prompt as an administrator (right-click on the PowerShell icon and select Run as administrator). If you are running Windows XP, you may need to download and install PowerShell.
- From the PowerShell prompt, run the following commands to install the service:
PS C:\Users\Administrator> cd 'C:\Program Files\Winlogbeat'
PS C:\Program Files\Winlogbeat> .\install-service-winlogbeat.ps1
Security warning: Only run scripts that you trust. Although scripts from the internet can be useful, they can potentially harm your computer. If you trust the script, use Unblock-File to allow the script to run without this warning message:
Do you want to run
C:\Program Files\Winlogbeat\install-service-winlogbeat.ps1?
[D] Do not run [R] Run once [S] Suspend [?] Help (default is "D"): R
Status Name DisplayName
------ ---- -----------
Stopped winlogbeat winlogbeat
Before starting winlogbeat, you should look at the configuration options in the configuration file; for example, C:\Program Files\Winlogbeat\winlogbeat.yml. There's also a full example configuration file named winlogbeat.reference.yml.