there are plenty of possibilities to analyse PI message logs, which are described well in this blog article:
However, I am interested in having PI message logs stored in a third party system, for example a syslog server. There are multiple reasons for that idea: events from several systems can be correlated, events from PI interface nodes and servers could simply be put together in overviews, and advanced search and mining algorithms that some log analysis systems offer could also be applied to PI message logs.
I am wondering which technical approach could be taken to collect or forward emerging PI message logs to a third party system. For example, stopping the PI message subsystem would result in using the Windows application event log, which could be read be most log agents. But in my opinion, it would be better to also keep the original PI message logs.
Is there any other approach I could take?