Best solutions for cross organization one point of truth

elitzur_e · March 25, 2018, 10:44am

Hi.
i have been researching for the best solution for this scenario:
my organization has 2 unrelated logs sections:

Application section:
-made of serval applications (each application can, in theory, be grouped by a single transaction code or id)
system section:
made of many systems that are a closed box:

windows logs
iis logs
-firewall logs etc..

so i am looking to setup a "single point of truth" where if there is a request to investigate from the application i would be able to see all related system section logs.
i dont know if this is something that logstash can do or maybe i need the elastic apm?

thanks for any help

elitzur_e · March 28, 2018, 12:43am

Any1?

warkolm · March 28, 2018, 1:37am

Logstash will parse and process the logs, but you need the rest of the Elastic Stack here.

system · April 25, 2018, 1:37am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.