Shipping Audit Logs to ELK

Currently we are shipping our Cloudflare Logs to an S3 bucket and from there into ElasticCloud with Logstash. This is working great.

Right now - we’re concerned with shipping the audit logs as well to an S3 Google Cloud Bucket. I have found API calls for this - but I have not found a way to ship these in an automated fashion.

Is there a way to ship the Audit Logs?

This is actually something I am working on right now to enhance our current logging solution using on-prem Elastic Stack. However, I pull logs using a PowerShell script. You could build a similar script in PowerShell or bash and set up a scheduled task/cron job to pull the logs and push them to your EC instance.
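The scheduled pull the reply describes, as an added example that is not part of the original posts, written in Python rather than PowerShell or bash. It assumes Cloudflare's account-level audit log endpoint with its `since`, `page` and `per_page` parameters and an `id` and `when` field on every event; the environment variable names and file paths are hypothetical.

```python
import json
import os
from urllib import parse, request
API = "https://api.cloudflare.com/client/v4/accounts/{}/audit_logs"

def http_fetch(params):
    """Fetch one page; CF_ACCOUNT_ID and CF_API_TOKEN are assumed env var names."""
    query = parse.urlencode({k: v for k, v in params.items() if v})
    url = API.format(os.environ["CF_ACCOUNT_ID"]) + "?" + query
    auth = {"Authorization": "Bearer " + os.environ["CF_API_TOKEN"]}
    with request.urlopen(request.Request(url, headers=auth), timeout=30) as resp:
        return json.load(resp)

def pull(state, fetch=http_fetch, per_page=100):
    """Return (new events oldest first, new state) since the stored checkpoint."""
    seen, events, page = set(state["ids"]), [], 1
    while True:
        body = fetch({"since": state["since"], "per_page": per_page, "page": page})
        if not body.get("success"):
            raise RuntimeError("audit log API error: %s" % body.get("errors"))
        batch = body.get("result") or []
        for ev in batch:
            if ev["id"] not in seen:  # skip events already shipped or repeated
                seen.add(ev["id"])
                events.append(ev)
        if len(batch) < per_page:
            break
        page += 1
    if not events:
        return [], state
    # Assumption: "when" is always UTC in one fixed format, so strings sort by time.
    events.sort(key=lambda ev: ev["when"])
    newest = events[-1]["when"]
    ids = [ev["id"] for ev in events if ev["when"] == newest]
    if newest == state["since"]:
        ids += state["ids"]
    return events, {"since": newest, "ids": ids}

def run(state_path, out_path, fetch=http_fetch):
    """Cron entry point: append new events as NDJSON, then advance the checkpoint."""
    state = {"since": None, "ids": []}
    if os.path.exists(state_path):
        with open(state_path) as fh:
            state = json.load(fh)
    events, state = pull(state, fetch)
    with open(out_path, "a") as out:
        out.writelines(json.dumps(ev, sort_keys=True) + "\n" for ev in events)
    with open(state_path, "w") as fh:  # written last: a crash re-pulls, never skips
        json.dump(state, fh)
    return len(events)
```

Call `run()` with a state file path and an output path from the scheduled job, and point Logstash (or the bucket upload) at the NDJSON file. Using each event's `id` as the Elasticsearch document ID keeps a re-pull after a crash from creating duplicates.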
