Hello currently we are transitioning to Elastic from LogRhythm SIEM. The current logs from LR are in .LCA format. Due to compliance reasons we will need to have access to this historical log data. I assume as LR is built on elastic the logs should be able to be transferred to the elastic SIEM. What can I do to import these logs? Is this possible?
If the .LCA files are plain text, you can use Filebeat or Logstash to import them.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.