I have two agents that are Amazon Linux 2023.
Since AL2023 stopped traditional logging and uses journald for centralized logging, their logs are not being populated into the SIEM.
What is a better option: to install rsyslog or to collect logs from the journal?