Hi , I am a new user to use ELK.
I want to analyze Aruba Controller & MM's syslog.
But ELK don't have Aruba's template to show clearly.
So I need to grok it by myself.
From some article ,I know that ELK will not save the raw data
Should I output raw data of Aruba's syslog to try to grok it ?
Or did I have another way to make the default "type:syslog" more clearly?
Thanks
I can't understand.
If I can't read raw logs .
How could I grok it?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.