From f1a09bf8b796a92125e283a87d6944ae242114b0 Mon Sep 17 00:00:00 2001
From: Ryan Earle <ryan.earle@elastic.co>
Date: Fri, 21 Oct 2022 14:44:25 -0400
Subject: [PATCH] Update index.asciidoc

---
 docs/index.asciidoc | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/index.asciidoc b/docs/index.asciidoc
index 8162f41f..1e042c1b 100644
--- a/docs/index.asciidoc
+++ b/docs/index.asciidoc
@@ -93,6 +93,21 @@ output {
 }
 -----
 
+**Example: Configuration for Winlogbeats to Output to Winlogbeat created Data Stream**
+
+[source,sh]
+-----
+output {
+    elasticsearch {
+        hosts => "hostname"
+        index => "winlogbeat-8.4.3"
+        pipeline => "winlogbeat-8.4.3-routing"
+        action => "create"
+    }
+}
+-----
+
+
 This example shows the minimal settings for processing data streams. Events
 with `data_stream.*`` fields are routed to the appropriate data streams. If the
 fields are missing, routing defaults to `logs-generic-logstash`.