Observing WinCC OA Logs with Elasticsearch and Logstash…

With Logstash we can collect the logs of WinCC OA systems and write it to Elasticsearch. Multiple WinCC OA system’s can be observed with a central log database…

With Kibana the logs can be easily discovered – I now see errors what i haven’t seen before in my system…

In parallel the log messages are written to Apache Kafka. With Apache Spark we can now observe the log streams and detect anomalies… a very simple observation could be to just simple count the amount of log messages per timeframe …

logstash

WinCC OA logstash configuration file: winccoa-logstash-conf