MSI WinGet

Beats winlogbeat

Elastic · 9.0.0 · x64

Before deploying, verify this file with VirusTotal ↗

Silent Commands

Install

msiexec /i winlogbeat-9.0.0-windows-x86_64.msi /quiet /norestart

InstallPath

msiexec /i winlogbeat-9.0.0-windows-x86_64.msi /quiet /norestart INSTALLDIR="<INSTALLPATH>"

Intune Detection Rule

MSI Rule

Rule type MSI information

Product code {2DE7C165-4793-5EE1-9DF0-372082353E2B}

Product version operator Greater than or equal to

Product version 9.0.0

MSI Properties

Product Code {2DE7C165-4793-5EE1-9DF0-372082353E2B}

File Identity

SHA256 035a6c38447b39dc6c36d0748de17bf3670ebe48407397e742ea1c4a75b5603d VirusTotal ↗

Filename winlogbeat-9.0.0-windows-x86_64.msi

Signature

Status Upload installer to verify signature

Installer Selection

WinGet Package

Package ID Elastic.Winlogbeat

Version 9.0.0

Description Fetches and ships Windows Event logs

License Elastic-2.0 ↗

Homepage https://www.elastic.co/downloads/beats/winlogbeat

Support https://github.com/elastic/beats/issues

Installer URL https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-9.0.0-windows-x86_64.msi

Upgrade Behavior install(Install over existing)

Release Notes Features and enhancements - Improves logging in system/socket in Auditbeat. #41571 - Adds out of the box support for Amazon EventBridge notifications over SQS to S3 input in Filebeat. #40006 - Update CEL mito extensions to v1.16.0 in Filebeat. #41727 - Filebeat's registry is now added to the Elastic-Agent diagnostics bundle. #33238 and #41795 - Adds unifiedlogs input for MacOS in Filebeat. #41791 - Adds evaluation state dump debugging option to CEL input in Filebeat. #41335 - Rate limiting opera…