Hello - Anyone have experience with implementing an external or 3rd party logging server to send Pulse Connect Secure users logs (syslog)? What's your top choice?
I have a decent sized active/active cluster behind a load-balancer and have historically jumped between the cluster nodes AdminUI to find the logs where the user is logged in when troubleshooting. I'm looking for an aggegrated solution that is quick to search for troubleshooting/reporting use cases. With all the open source syslog tools out there I'm sure there's something that would fit the need, just haven't gotten around to it. Any suggestions?
Would something like Kibana be able to ingest PCS logs and make it easy to search & generate reports? I'd like something fairly simple to setup, perhaps spin up a VM to install it on that would double as the web frontend for searching/reporting.
Anyways, just wanted to see what others have done before I venture down the road.