Any way to save raw log data prior to converting and indexing

Hello everyone, I have a very specific use case that was requested of me to look into, and after days of research I came up empty. Namely, what was requested is an option to have log data output and kept in its original format prior to being ingested and stored in Elasticsearch. This is required as sometimes we need to provide original logs for auditing purposes. I have looked into Beats outputs, Logstash outputs, and using Kafka as a broker with maybe having two separate pipelines (one that would just pass the info into a file system, and one that would parse data into Elasticsearch) and came up with nothing. Is there any reliable way that this can be done and, if possible, are there any guidelines for this? Thank you in advance.
