I would ask about the best way to use protologbeat. In fact, we can use it remotely as a server to collect rsyslog trafic and give it to elastic search. Or, we can put it directly in the machine we want to supervise. Betwen these tow solution, which is the better? and if we can we want to implement it directly in the machine, is there any way to get the log other than modifing the rsyslog to send data to localhost?
I would ask about the best way to use protologbeat. In fact, we can use it remotely as a server to collect rsyslog trafic and give it to elastic search. Or, we can put it directly in the machine we want to supervise. Betwen these tow solution, which is the better? and if we can we want to implement it directly in the machine, is there any way to get the log other than modifing the rsyslog to send data to localhost?