Once logs are generated by network sniffing processes or endpoints, where do they go? How are they parsed? How are they stored? That is what we discuss in this section.
.. toctree::
   :maxdepth: 2

   ingest
   logstash
   redis
   elasticsearch
   elastalert
   data-fields
   alert-data-fields
   elastalert-fields
   zeek-fields
   community-id
   soc-logs