Yes, forwarding logs to a different machine is basically the only option at the moment using official packages.
Log paths depend on the operating system and the installation method, what do you need the default paths for?
Regarding native AIX support you can follow this issue: Add AIX support · Issue #15785 · elastic/beats · GitHub.
Summarizing the issue, Beats can be built for AIX, but this is not officially supported, and there are some limitations
Actually I have 2 types of servers, one is power9 CPU and other is AIX OS.
I have seen the github link and found that there are unofficial beats packages for AIX but currently don't have access to it.
Currently I have power9 CPU and there is no support for beats but want the default dashboards for metricbeat system, auditbeat, filebeat system modules.
I have generated the dashboards and templates from intel servers and its reflecting fine. But somehow need the logs from power9 and AIX also to get parsed and reflect in dashboard.
I am aware about the filebeat system logs paths and where to use it
i.e. Using the path in modules.d./system.yml /var/log/*
Similary need paths for auditbeat and metricbeat and where to replace it in yml file.
Once I get the path can forward to a supported server and use beats for same.
Auditbeat and Metricbeat don't collect the information from logs, they need to be running in the monitored system itself, there is no way of forwarding this information.
For Filebeat, you can write the forwarded logs to any path, and configure this path in the system module by setting the var.paths option.
Or, if you are using syslog to forward the log, you can configure the syslog input in Filebeat and send the logs directly there.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.