Best solutions for cross organization one point of truth

I have been researching the best solution for this scenario:
My organization has 2 unrelated log sections:

  1. Application section:
    - made of several applications (each application can, in theory, be grouped by a single transaction code or id)
  2. System section:
    - made of many systems that are a closed box:
      - Windows logs
      - IIS logs
      - firewall logs, etc.

So I am looking to set up a "single point of truth" where, if there is a request to investigate from the application, I would be able to see all related system section logs.
I don't know if this is something that Logstash can do, or maybe I need the Elastic APM?

Thanks for any help.


Logstash will parse and process the logs, but you need the rest of the Elastic Stack here.
