I want to use a log aggregation system to gather a lot of logs, and then build dashboards on them (metrics mainly, e.g. num 4XX errors, num 5XX errors).
I don’t want the retention on the source raw logs to be long (maybe 5 days), but I want a historic database of the values of these metrics (e.g. num 4XX errors graphed for last 6 months).
Is this possible? Any pointers will be useful.