I have a few questions about using logstash under Windows Server.
How LogStash implemented on Windows servers? As a windows service (application running in the background like a daemon)? As a plug-in to the application code (SQL Server and/or IIS)? Installed application? Does it require a shared folder for custom logs?
Can LogStash support/plug-in/read directly to the various built-in Windows event logs?
Can LogStash utilize SCOM APIs to extract data directly from SCOM (Windows System Center Operations Manager)?
I'm very interested to know!