
Difference between Rsyslog and Packetbeat


While surfing through the internet I came across the term rsyslog, which is something like a monitoring and logging tool. A few points that I collected:

1. Multi-threading
2. TCP, SSL, TLS, RELP
3. MySQL, PostgreSQL, Oracle and more
4. Filter any part of syslog message
5. Fully configurable output format
6. Suitable for enterprise-class relay chains

Similarly, Packetbeat is used to monitor network packets and uses Elasticsearch and Kibana. Packetbeat also monitors TCP, MySQL, etc.

So what is the prime difference between these two?


Solution

  • Rsyslog is basically for Unix and Unix-like operating systems, while on the other hand Packetbeat provides support for all the operating systems. Apart from that, Packetbeat can be used to analyze the following protocols:

    • ICMP (v4 and v6)
    • DNS
    • HTTP
    • MySQL
    • PostgreSQL
    • Redis
    • Thrift-RPC
    • MongoDB
    • Memcache

    Rsyslog, on the other hand, provides support for the following protocols:

    • 3195
    • auditd
    • gssapi
    • journal
    • klog
    • kmsg
    • mark
    • ptcp
    • relp
    • solaris
    • tcp
    • udp
    • uxsock
    • zmq3

    So the use cases of rsyslog and Packetbeat vary: if you want to monitor your REST API transactions or MongoDB transactions, you can use Packetbeat, which, when integrated with Kibana, can be used to visualise the traffic on the ports where your API server is running.
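As an added illustration of the Packetbeat use case described in the answer above (this is an example written for this page, not part of the original post or of the Packetbeat project), a packetbeat.yml fragment that decodes HTTP on the API server's ports and MongoDB traffic and ships the events to Elasticsearch so Kibana can visualise them. The interface name, ports and hostnames are assumptions; the HTTP settings keep request and response bodies out of the index and redact Authorization headers, so credentials passing through the API do not end up in Elasticsearch.

```yaml
# packetbeat.yml (constructed example; adjust device, ports and hosts to your environment)
packetbeat.interfaces.device: any          # sniff all interfaces (Linux af_packet sniffer)

packetbeat.protocols:
  - type: http
    ports: [80, 8080]                      # assumption: ports your REST API server listens on
    # Caveat for a defender: Packetbeat can copy headers and bodies into each event.
    # Keep bodies off, whitelist a few headers and redact credentials so the
    # monitoring index does not become a store of API tokens and passwords.
    send_request: false
    send_response: false
    send_all_headers: false
    send_headers: ["Host", "User-Agent", "Content-Type"]
    redact_authorization: true             # masks Authorization / Proxy-Authorization values

  - type: mongodb
    ports: [27017]                         # MongoDB transactions on the default port

output.elasticsearch:
  hosts: ["localhost:9200"]                # assumption: Elasticsearch reachable locally

setup.kibana:
  host: "localhost:5601"                   # lets `packetbeat setup` load the bundled Kibana dashboards
```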