Method to collect all logs

To all dear gents,

I would like to ask how to collect all logs such as syslog, AD audit logs, web logs, etc.

I would like to compete with Splunk.

Please advise.

This question is too open-ended to answer in a meaningful way. If you ask a more specific question you'll get more specific answers.

The general flow is: Pick a log type. Write Logstash filters (and input/output configurations) that satisfy your wishes. Continue with the next log type.

Then store in ES and view with Kibana :slight_smile:
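A concrete instance of that flow for two log types (syslog and a web access log), written as an added example pipeline rather than code from this thread or from Elastic. The listening port, the access-log path, the Elasticsearch host and the `logstash_writer` credentials are placeholders; the grok patterns `SYSLOGLINE` and `COMBINEDAPACHELOG` ship with Logstash.

```conf
# Constructed example pipeline (not from the thread): one filter block per log type.
input {
  # Syslog forwarded over TCP/UDP from servers and network gear (5514 avoids needing root).
  tcp { port => 5514  type => "syslog" }
  udp { port => 5514  type => "syslog" }

  # Web server access log read from disk (path is an assumption; adjust per host).
  file {
    path => "/var/log/nginx/access.log"
    start_position => "beginning"
    type => "weblog"
  }
}

filter {
  if [type] == "syslog" {
    # RFC3164-style lines, e.g. "Mar  3 10:15:02 host sshd[1234]: Accepted publickey ..."
    grok { match => { "message" => "%{SYSLOGLINE}" } }
    # Syslog timestamps carry no year; the date filter fills it in and sets @timestamp.
    date {
      match  => [ "timestamp", "MMM  d HH:mm:ss", "MMM d HH:mm:ss" ]
      target => "@timestamp"
    }
  }
  else if [type] == "weblog" {
    # Apache/nginx "combined" format: client, user, time, request, status, bytes, referrer, agent.
    grok { match => { "message" => "%{COMBINEDAPACHELOG}" } }
    date {
      match  => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
      target => "@timestamp"
    }
  }
}

output {
  # Lines grok could not parse are tagged "_grokparsefailure"; keep them in their own
  # index so gaps in parsing coverage stay visible instead of being silently dropped.
  if "_grokparsefailure" in [tags] {
    elasticsearch {
      hosts    => ["https://es.example.internal:9200"]   # placeholder host
      index    => "logs-unparsed-%{+YYYY.MM.dd}"
      user     => "logstash_writer"                       # placeholder account
      password => "${LOGSTASH_ES_PASSWORD}"               # from keystore/env, not hard-coded
    }
  } else {
    elasticsearch {
      hosts    => ["https://es.example.internal:9200"]
      index    => "logs-%{type}-%{+YYYY.MM.dd}"
      user     => "logstash_writer"
      password => "${LOGSTASH_ES_PASSWORD}"
    }
  }
}
```

Validate the syntax before starting the pipeline with `bin/logstash -f pipeline.conf --config.test_and_exit`, then watch the `logs-unparsed-*` index in Kibana: anything landing there is a source whose format the filters do not yet cover, which is exactly the "next log type" to work on.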