Since I am new to Beats and Elasticsearch, I have a few queries before performing a POC on Beats and Elasticsearch for Windows and Linux monitoring.
Is it possible to capture the logs on the endpoint and send the captured logs at a scheduled time to save network bandwidth, instead of sending data continuously to Elasticsearch for alerting?
If yes, how much log data can be stored locally before sending to Logstash/Elasticsearch?
Also, please share the method to store logs on the endpoint and send them to a central monitoring system for alerting and ticketing.
Will it work if we put Logstash in between Filebeat and Elasticsearch,
like a bastion host in the case of network connectivity between your private network server on a public cloud?
Kindly brief the usage of Logstash to resolve these issues.