Solved Logs monitoring software or methods

Solved issue
setup a central log server using systemd so you dont have to install this graylog nonsense on all your machines to collect logs, and then find out (not sure how) to get all those logs into your graylog (just spin up the docker container, it uses elasticsearch so its automatically a pain to administrate).

From there its mostly just clicking around.