New to OpenSearch - Need Suggestions

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
I’m looking to use the current Windows (non-docker) version of OpenSearch to act as a log parser for a customer I work with.

Describe the issue:
This customer has text-based log files that get generated every day from Weblogic web server, an ERP system that generates text based logs, and finally logs from an AS/400 (IBM Server i).

I need to pull these over from the separate servers they are generated on to a primary server. From what I read, I will probably have to use an OpenSearch JAVA client to pull from the AS/400, and I can see that I will need to use the OpenSearch Dashboard to be able to render meaning to what I find from the log files.

I will need a way to do the following with specific messages in the log files as well:

  1. Blacklist errors that can be ignored. There is a lot of junk in this category that shows up in all of the logs and I don’t want to see ignorable messages.

  2. Whitelist errors that I know are problems. Ideally, I would like to be able to send an alert or flag errors that are legitimate problems to send via email with the ability to modify the subject to say “Critical” or “High”, depending on the priority I want to assign to specific errors. For example, and error where the server is about to crash would fall into the Critical category vs. a user just not having a customer number assigned to it. These would send to a help desk and determine the priority that is assigned through an automated process.

  3. Finally, I would like to be able to view the errors that are parsed on screen after filtering through the blacklist so I can work through each error and decide if it would be put on the blacklist or whitelist.

Configuration:

What software from OpenSearch would I need to set this up? What Mods would you recommend? What would be the architecture you would recommend to be able to put this into place (e.g. OpenSearch on collation server, OpenSearch nodes on each server sending files, or something of this nature)?

Thanks in advance. As I mentioned, this is all new to me and a little overwhelming on where to get started. I am reading through the documentation, but if I can get some recommendations, it might help me pay special attention to only the things I’ll need.

Relevant Logs or Screenshots:

Have you checked out Data Prepper? I don’t have experience with it but I think it would provide some of the functionality you are looking for.

Also see this: Alerting - OpenSearch Documentation.

From Tools - OpenSearch Documentation :

Historically, many multiple popular agents and ingestion tools have worked with Elasticsearch OSS, such as Beats, Logstash, Fluentd, FluentBit, and OpenTelemetry. OpenSearch aims to continue to support a broad set of agents and ingestion tools, but not all have been tested or have explicitly added OpenSearch compatibility.