Beats is the new method for log acquisition introduced in the latest releases of NetEye 4. It’s a system fully integrated with the Elastic Stack. The Beats agents send logs directly to Logstash, which then forwards them to Elastic. Logstash also writes each log received into files on the file system (at the same location as Rsyslog).
However, the Beats agent configuration is not yet integrated into the configuration web interface of NetEye 4 Log Manager.
To improve the integration of the Beats agents on NetEye 4 Log Manager and enable the automatic signature and compression procedure with the log files written by Logstash, you need to perform the following steps:
With this configuration, the scheduled job that signs and compresses the logs every night will now also take into consideration the files written by Logstash (coming from the Beats agents) that otherwise would be ignored. Furthermore, in the NetEye 4 Log Manager module “Log Check” section you will also find the status of the block chain of these logs.