Hi everyone.I need some help please. I have a requirement from the vendor Hunters where I need save Windows Event Logs in S3 in XML format, but it is mandatory one event per file. Is it possible configure this in Cribl?
Question
Storing Windows Event Logs in XML with each event in a single file
One event per file will likely have you end up with millions of files and might cause trouble with too much connections, files etc... Do you need to collect ALL windows events for that or only a tiny subset?
This has been discussed before. Very difficult to achieve and I would strongly recommend against it.https://cribl-community.slack.com/archives/CPYBPK65V/p1661282080042919
Yeah, I also see that this is not a good option. I'm going to check with Hunters if there is some other better alternative.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.