can we send directly osquery log to destination tcp port log

Question

can we send directly osquery log to destination tcp port logstash

javuto · Answer

I don t think is possible Traditionally if you wanted to use logstash to forward logs you would have osquery to log locally and the logstash agent would pick those up

javuto · Answer

You can find some information about it in the osquery wiki <https osquery readthedocs io en stable deployment log aggregation logstash>