We're using ELK stack to centralize logs of our systems and need to encrypt some of these log types(access logs, audit logs etc.). Logstash fingerprint seems suitable for this but we have to check if the log content has changed or not. There are many applications to do this encryption and testing the log file(compare the string message and the encrypted message).
We can encrypt the "message" field and "timestamp" field into 1 "fingerprint" field but we don't know how to check the log message if it has changed which has contents Personal Data with cleartext.
This is "Log Signing" in our Regulations which presented from our government. Could you please provide any information about this?