Architecture for elastic deployment

Dear Team,

Am new to ELK, I have some doubts about balance architecture. Currently approach in PRD for our application will be active active state.. So both PROD & DR will be active, Now we need to send both PROD & DR logs to ELK, PROD & DR ELK will be in Same Data center but different location with in country

Filebeat_prod -> Logstash -> elasticsearch (elk_PRD_Cluster) -> kibana
Filebeat_prod -> Logstash -> elasticsearch (elk_DR_Cluster) -> kibana

Filebeat_DR -> Logstash -> elasticsearch (elk_PRD_Cluster) -> kibana
Filebeat_DR -> Logstash -> elasticsearch (elk_DR_Cluster) -> kibana

here logstash is not load balanced,

I need architecture advise on Single Data center having both PROD & DR ELK - Can we have single Cluster to manage both Prod & Dr or Need to have Multiple Cluster and more over need to know HA of Logstash with in same data center

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.