WARNING: Version 5.5 of Winlogbeat has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Beat Fields
editBeat Fields
editContains common beat fields available in all event types.
beat.name
editThe name of the Beat sending the log messages. If the Beat name is set in the configuration file, then that value is used. If it is not set, the hostname is used. To set the Beat name, use the name
option in the configuration file.
beat.hostname
editThe hostname as returned by the operating system on which the Beat is running.
beat.version
editThe version of the beat that generated this event.
@timestamp
edittype: date
example: August 26th 2016, 12:35:53.332
format: date
required: True
The timestamp when the event log record was generated.
tags
editArbitrary tags that can be set per Beat and per transaction type.
fields
edittype: dict
Contains user configurable fields.