The product I'm working on is installed on the client's private infrastructure. We have a SAAS log analysis service that collects log data from instances running inside the client's servers.
Due to privacy and policy issues, some customers can not share logs. I am looking to implement a local newspaper analysis that will help support staff to go through many log files and solve problems faster.
We use Logstash and Kibana to perform log aggregations on the SAAS service. Running this configuration on a client instance would require a lot of resources.
Is it possible to provide a basic log analysis of the client instance? Newspapers are a mix of unstructured and structured data. Each log file has a different format, which complicates things.
Any help is welcome!