How To Archive Logs in Elasticsearch

Hi Everyone,

I am new to elastic stack so please bear with my ignorant questions.

Our company has been required to follow a cybersecurity requirement, and one of its requirements is to have a centralized logging server. The logs from this server need to be regularly archived and digitally signed. I just set up our elastic stack on an Ubuntu server. Right now, I've been collecting events using winlogbeats installed on our Windows clients.

Can anybody tell me how to archive logs on elasticsearch? I would really appreciate it if you could post detailed step-by-step instructions on how to do it.

Thank you so much in advance!
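The thread does not show the "archive and digitally sign" step the requirement asks for, so here is an added example of that step. It is not code from the thread or from Elastic: it assumes the events have already been exported from the winlogbeat index (the export query itself is not shown; the three events below are constructed), writes them to a gzip-compressed line-delimited JSON archive, and seals the archive with a detached manifest. The seal uses a keyed HMAC-SHA256 from the standard library as a stand-in for an asymmetric signature; the archive and manifest file names are made up for the example.

```python
import gzip
import hashlib
import hmac
import json
import os
from datetime import datetime, timezone

# Constructed sample events standing in for documents exported from the
# winlogbeat index; field names follow the Winlogbeat layout but the
# values are invented for this example.
SAMPLE_EVENTS = [
    {"@timestamp": "2019-04-03T10:15:02Z", "host": {"name": "WS01"},
     "winlog": {"event_id": 4624}, "message": "An account was successfully logged on."},
    {"@timestamp": "2019-04-03T10:16:41Z", "host": {"name": "WS01"},
     "winlog": {"event_id": 4625}, "message": "An account failed to log on."},
    {"@timestamp": "2019-04-03T10:20:00Z", "host": {"name": "WS02"},
     "winlog": {"event_id": 1102}, "message": "The audit log was cleared."},
]


def write_archive(events, path):
    """Write events as one JSON document per line, gzip-compressed.

    Line-delimited JSON keeps every event independently parseable, so a
    partially damaged archive still yields its intact lines.
    """
    with gzip.open(path, "wt", encoding="utf-8") as fh:
        for event in events:
            fh.write(json.dumps(event, sort_keys=True) + "\n")
    return path


def sha256_file(path):
    """Stream the file through SHA-256 so large archives are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def seal_archive(path, key):
    """Write a detached manifest that binds the archive's hash, size and time.

    The seal is an HMAC-SHA256 over the manifest fields, standing in for a
    real digital signature. The key must be held somewhere the logging
    server cannot reach (HSM or a separate signing service); otherwise an
    intruder who edits an archive can simply re-seal it.
    """
    manifest = {
        "archive": os.path.basename(path),
        "sha256": sha256_file(path),
        "size": os.path.getsize(path),
        "sealed_at": datetime.now(timezone.utc).isoformat(),
    }
    payload = json.dumps(manifest, sort_keys=True).encode("utf-8")
    manifest["hmac_sha256"] = hmac.new(key, payload, hashlib.sha256).hexdigest()
    with open(path + ".manifest.json", "w", encoding="utf-8") as fh:
        json.dump(manifest, fh, indent=2)
    return manifest


def verify_archive(path, key):
    """Return True only if the manifest seal and the archive hash both check out."""
    with open(path + ".manifest.json", encoding="utf-8") as fh:
        manifest = json.load(fh)
    claimed = manifest.pop("hmac_sha256")
    payload = json.dumps(manifest, sort_keys=True).encode("utf-8")
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(claimed, expected):
        return False  # manifest altered, or verified with the wrong key
    return hmac.compare_digest(manifest["sha256"], sha256_file(path))


def read_archive(path):
    """Load the events back from a verified archive."""
    with gzip.open(path, "rt", encoding="utf-8") as fh:
        return [json.loads(line) for line in fh if line.strip()]


if __name__ == "__main__":
    key = os.urandom(32)  # demo only: a real key is provisioned, never generated on the log host
    archive = write_archive(SAMPLE_EVENTS, "winlogbeat-2019.04.03.ndjson.gz")
    seal_archive(archive, key)
    print("archive verified:", verify_archive(archive, key))
```

Run the script periodically (cron or a scheduled task) after each export, keep the manifests with the archives, and have the verification run on a separate host with its own copy of the key; a failed `verify_archive` on an old archive is the signal the requirement is meant to produce.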

I think elasticsearch by default rotates your logs and zips them.

This is what I see in our log dir.

<cluster_name>-2019-04-03-1.log.gz
