Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 2 Next »

Armor Agent - Collecting Linux and Windows Standard Logs

Use the following commands to manage the Logging service - Filebeat and Winlogbeat (for Windows only). 


Install Logging:

Windows: C:\.armor\opt\armor.exe logging install
Linux: /opt/armor/armor logging install


Uninstall Logging:

Windows: C:\.armor\opt\armor.exe logging uninstall
Linux: /opt/armor/armor logging uninstall


Logging Help

Windows: C:\.armor\opt\armor.exe logging help
Linux: /opt/armor/armor logging help
 Filebeat Sync Configuration Commands for Linux

Add new paths to filebeat config

/opt/armor/armor logging add-file-paths <paths to file locations>

Remove paths from filebeat config

 /opt/armor/armor logging remove-file-paths <paths to file locations>

List added config paths

/opt/armor/armor logging describe-file-paths

Sync filebeat config

/opt/armor/armor logging sync-file-paths


Armor Agent - Collecting Custom Windows System Event Logs

Add new paths to filebeat config

C:\.armor\opt\armor.exe logging add-file-paths <paths to file locations>


Remove paths from filebeat config

C:\.armor\opt\armor.exe logging remove-file-paths <paths to file locations>


List added config paths

C:\.armor\opt\armor.exe logging describe-file-paths


Sync filebeat config

C:\.armor\opt\armor.exe logging sync-file-paths


Add winlogbeat event logs

C:\.armor\opt\armor.exe logging add-event-logs <add events>


Remove winlogbeat event logs

 C:\.armor\opt\armor.exe logging remove-event-logs <add events>


List Event logs

C:\.armor\opt\armor.exe logging describe-event-logs


Sync event logs

C:\.armor\opt\armor.exe logging sync-event-logs
  • No labels