Log Collection

Collecting logs from monitored assets using Beats

Overview

The process of transferring logs, events and flow records from remote environments (on-premises or cloud) is known as log shipping. Using log shippers is the recommended way to send a high volume of logs from multiple apps and hosts. Log shippers are optimized for this task and offer many useful features such as buffering, saving data to disk in case of network issues, sending in bulk, compression, statistics, etc.

Currently CLA supports following log shippers:

Filebeat - for syslogs, weblogs etc from Linux operating systems.
- Cross platform, much lighter on resource usage, requires a Logstash instance to aggregate logs
Winlogbeat: for syslogs on Windows
Packetbeat: for Netflow/IPFIX

PreviousSending Logs to Logstash Forwarder NextCollecting Logs from Linux

Last updated 5 years ago