I have been using logstash for a number of years now with a pretty big pipeline. The majority of the systems we monitor are via winlogbeats. We are using elastic cloud and hosting logstash ourselves.
With the introduction of fleet and different auth options to elasticsearch (not requiring management of certs and keys) i am considering a plan to move these pipelines to elasticsearch in preperation for fleet becoming GA.
The last blog comparing logstash and elasticsearch was from 2018, are there any upto date documents comparing the 2 solutions? And any thoughts from people that have used elasticsearch pipelines for winlogbeats ingest?
Thanks