Logstash is a great tool for working with logs and can act as a very robust and versatile log collector for Microsoft Sentinel. But many companies struggle to optimize and secure their log ingestion flows. In this session I will explain (and demo!) everything regarding ingesting DCR-based custom logs with Logstash. As well as how to implement a fully automated and secure key rotation mechanism with my custom tool, I named "Rot8r".
So no more handing out workspace IDs and keys or storing passwords in plain text inside your Logstash instances! 👌🏻🔐