From 2a1935a23d0ea414e8be0388e557297e0289cffb Mon Sep 17 00:00:00 2001
From: Akshay <akshay@noreply.localhost>
Date: Fri, 22 Dec 2023 12:40:23 +0530
Subject: [PATCH] Add security logs

---
 promtail-config.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/promtail-config.yaml b/promtail-config.yaml
index 349b52f..8af16fd 100644
--- a/promtail-config.yaml
+++ b/promtail-config.yaml
@@ -17,3 +17,14 @@ scrape_configs:
       - json:
           expressions:
             level: levelText
+  - job_name: security
+    windows_event:
+      eventlog_name: "Security"
+      bookmark_path: "./bookmark.xml"
+      xpath_query: "*"
+      labels:
+        job: security
+    pipeline_stages:
+      - json:
+          expressions:
+            level: levelText