A middle logstash


(Bill) #1

We currently have an managed services running on cloud which is not in our control. The application can export log via Logstash forwarder or Fluentd.

I need set a middleware in company network to receive these logs, filter the logs (most for security check), then forward to my company's logstash server.

So how to design the middleware? it will work as a proxy. My understand is, it need be a logstash shipper, but how to make it work together?


(Magnus B├Ąck) #2

Set up a Logstash instance with an input that supports whatever protocol the log shipper in the cloud supports (in the logstash-forwarder case you should use the lumberjack input, or even better replace LSF with Filebeat and use the beats input). Include whatever filters you need and a lumberjack output that connects to the lumberjack input of your main Logstash server(s).


(system) #3