Are the logs collected by Winlogbeat legally valid as evidence in court?

Hi,

I have a query related to a legal purpose.

I am using Winlogbeat to ship Windows event logs to Elasticsearch. Winlogbeat processes the logs, adds extra fields to them, and stores them as docs in an index.

So, if I have a requirement to submit the RAW logs to a US court for investigation and forensics, can I submit these logs from the Elasticsearch indices as evidence?

If NO, what's the solution?

Shouldn't the court provide the definition of a RAW log?

Or at least the lawyers argue about it.

Is there any standard recommendation or format in that case?
