Q: Collecting Zeek logs using Promtail for Grafana Loki

I have seen people here using Elasticsearch or Graylog to ingest Zeek logs for slicing and dicing the elephant.

So far I am using Grafana Loki for archiving and searching all my logs, and I am wondering if there are other users here who have already connected Zeek to Promtail (or syslog, but not ideal) to feed the Zeek logs into Grafana Loki.

I would be happy if someone could share their best practices for connecting Zeek to Loki.