Wednesday, 8 October 2014

Centralising Windows logs securely using NXLog and LogStash (Part 1 - Overview)

At work, I have many Windows servers.  I've started to investigate ways of getting the logs from the servers into a central place.

I'm going to use NXLog to gather the logs on the Windows hosts, and then send them to a LogStash server (running on Debian).

LogStash will do some filtering and parse out fields, and then the logs will be sent to an Elasticsearch cluster.

These posts will detail how I've configured the NXLog and LogStash parts, focusing on securing the transport so the logs are protected in transit.


Part 2 - Creating a self-signed certificate
