In my setup, the SQL Server resides on a Windows machine, and it generates ERRORLOG, which records any errors occurring in SQL Server. I'd like these logs to be pushed to an Ubuntu machine (where I currently run ES and Kibana).
My question is: can I directly consume the ERRORLOG file into ES for monitoring, or should I be using Logstash (with a grok filter) to read out the ERRORLOG?
The pattern is something like TIMESTAMP<1SPACE>USER<4SPACES>MESSAGE.
Also note that the message is multiline in a few cases.
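
An added example, not part of the original post: a Python parser for the TIMESTAMP<1SPACE>USER<4SPACES>MESSAGE layout described above that folds multiline messages into the entry they belong to. The timestamp layout (`YYYY-MM-DD HH:MM:SS.ff`), the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from datetime import datetime

# Assumption: timestamps look like "2024-03-01 09:15:02.41"; the post does not
# give the exact layout, only TIMESTAMP<1SPACE>USER<4SPACES>MESSAGE.
ENTRY_START = re.compile(
    r"^(?P<timestamp>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{1,3}) "
    r"(?P<user>\S+) {4}(?P<message>.*)$"
)

def parse_errorlog(lines):
    """Return (events, orphans). A line that does not start a new entry is a
    continuation of the previous message; lines seen before any entry are
    returned as orphans instead of being silently dropped."""
    events, orphans = [], []
    for raw in lines:
        line = raw.rstrip("\r\n")
        m = ENTRY_START.match(line)
        if m:
            events.append({
                "timestamp": datetime.strptime(m["timestamp"], "%Y-%m-%d %H:%M:%S.%f"),
                "user": m["user"],
                "message": m["message"],
            })
        elif not line.strip():
            continue  # blank lines carry no information
        elif events:
            events[-1]["message"] += "\n" + line  # multiline message
        else:
            orphans.append(line)
    return events, orphans

def _line(ts, user, msg):
    # Builds a constructed sample line with exactly one and four spaces.
    return f"{ts} {user}{' ' * 4}{msg}"

# Constructed sample input, not taken from a real server.
SAMPLE = [
    "Banner text without a timestamp",
    _line("2024-03-01 09:15:02.41", "Logon", "Error: 18456, Severity: 14, State: 8."),
    _line("2024-03-01 09:15:02.41", "Logon", "Login failed for user 'app_ro'. [CLIENT: 10.0.0.25]"),
    _line("2024-03-01 09:16:10.07", "spid52", "Transaction (Process ID 52) was deadlocked"),
    "and has been chosen as the deadlock victim.",
    "Rerun the transaction.",
]

if __name__ == "__main__":
    for event in parse_errorlog(SAMPLE)[0]:
        print(event["timestamp"].isoformat(), event["user"], repr(event["message"]))
```

The same entry-start test is what a multiline rule in a log shipper has to express: any line that does not begin with a timestamp belongs to the previous event.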