To all dear gens,
I would like to ask how to collect all logs such as syslog, ad audit logs, web logs, etc...
I would like to compete with Splunk.
Please advise.
This question is too open-ended to answer in a meaningful way. If you ask a more specific question you'll get more specific answers.
The general flow is: Pick a log type. Write Logstash filters (and input/output configurations) that satisfies your wishes. Continue with the next log type.
Then store in ES and view with Kibana 