Hello everyone,
I currently have an ELK version 7.6.0 implementation which I use hand in hand with Splunk version 8.0.1.
I realize they are old versions, but it is working for what I need.
The plugin I use from Splunk is called "ElasticSplunk" which is already outdated because after Splunk version 8.1.0 they changed from Python 2 to Python for all plugins, since then "ElasticSplunk" is no longer supported, because of that I use older versions.
Now I have the need to leave behind those older versions and I require the benefits that I have from Splunk which is the creation of Alerts or use cases which I can configure so that when they match certain criteria it sends me an email, functionality that ELK does not have in this older version that I know, I would appreciate if any newer version has it and if it is free or if you must have a subscription.
In the same way I need to know if with ELK it is possible to make correlations between several indexes.
I appreciate your comments and suggestions,
(sorry for the wording, I am using a translator.)