How To Archive Logs in Elasticsearch

savetom · April 4, 2019, 4:42pm

Hi Everyone,

I am new to elastic stack so please bear with my ignorant questions.

Our company has been required to follow a Cybersecurity requirement and one of it's requirement is to have a centralized logging server. The logs from this server needs to be regularly archived and digitally signed. I just set up our elastic stack on ubuntu server. Right now, i've been collecting events using winlogbeats installed on our windows clients.

Can anybody tell me how to archive logs on elasticsearch? I would really appreciate if you can post a detailed step by step instruction on how to do it.

Thank you so much in advance!

elasticforme · April 4, 2019, 4:47pm

I think elasticsearch by default rotates your log and zip it

This is what I see in our log dir.

<cluster_name>-2019-04-03-1.log.gz

system · May 2, 2019, 4:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Using ElasticSearch to capture Syslogs (windows) Elasticsearch	1	477	September 19, 2017
Log archiving - Difference between ES vs LS Beats winlogbeat	5	830	December 28, 2017
How to archive the messages from logstash Logstash	5	1185	April 10, 2018
Logs in Logstash / archive Logs	6	2703	November 27, 2019
To collect logs from remote server Elasticsearch	3	765	May 11, 2020

How To Archive Logs in Elasticsearch

Related topics