pfElk-> pfEfk? (or adding support for fluentd) #311
Closed
justchris1
started this conversation in
Ideas
pfFO?
Hey all - first this is a really great project. I am thinking about using this on and this project is an amazing start. However, with all the fuss with Elastic and the apparent wars brewing between Elasticsearch and Opensearch (the Amazon fork), there appears to be churn in the broader elk environment. I guess the next shot across the bow from Elastic was to intentionally break logstash so it can't work with the OpenSearch fork (or that is what it appears to me, at least). I was looking to use OpenSearch since it has built-in security and other items that are paywalled away from ES. So with that, I was looking at logstash alternatives, and of course Fluentd pops up. However, it appears that although logstash and fluentd do the same general thing, they don't have compatible parsers (configuration files for the inputs) at all!
If you want to stay focused on logstash, that is totally fine (it is called pfElfk!), but I figured it was worth having the discussion to see if you/the project had considered migrating to fluentd instead of logstash in the future. I mean to disrespect and am not trying to add to your workload if this isn't a direction you want to head in. I just wanted to pulse the thought process of the project and see if it had crossed your collective minds at all.
Thanks again for the contributions in pfElk!