We are receiving logs from a NetApp file server about what user access, etc. Log format very similar/same as the Windows Events in XML. (So parsing looks good) We also have Enterprise Security license.
So far I didn't find what can ES do with these logs, one tip is to try to use Change Adult/Endpoint changes/Filesystem changes Data Model.
So does anybody have an experience on this topic, what should I do with this logs?