I am using Graylog + Elastic clusters in my small production setup. Right now I am using the Splunk forwarder to forward logs; also, using the Splunk forwarder I can easily run a shell or bash script and forward the output to the Graylog + Elastic cluster.
Now I want to create a centralized Elastic cluster which can be used by Kibana and Graylog with dedicated tenant indexes, so please suggest a log forwarder which should be capable of running bash & shell scripts and should also forward the logs directly to Elasticsearch.
Why do you want to run shell scripts in a log forwarder?
Hi Mark Walkom, thanks for your reply.
In production we have hundreds of servers. If I want to monitor CPU, memory, and disk utilization of the servers, I will place a script in the Splunk forwarder, and it runs the script at a certain time interval and forwards the output along with other logs. For this kind of thing I want to run scripts in the forwarder. In Filebeat and Logstash I am not able to place scripts.
If you want system metrics, just use Topbeat!
Could you please share some details on how the Splunk forwarder can be configured to send to ELK?
This is not a Splunk forum; you would have to ask them, sorry.