I'm quite new to Logstash.
I'm trying to aggregate auditd logs.
While Filebeat has a module that does exactly that, it requires me to forward it directly to ES,
as it parses the logs using an ingest node pipeline.
I wish to use Logstash to do that. The ingest node pipeline looks like this:
I would encourage you to take a look at our Logstash 6.0 beta1 release: https://www.elastic.co/blog/logstash-6-0-0-beta1-released
It includes a brand new ingest node to Logstash pipeline converter tool. Check it out and let us know what you think.