Hey all,
I have a logstash input ingesting router flows and I'd like to have another to get Cisco ASA netflows.
What's the best way to achieve this?
Should I create separate indexes
logstash-firewall and logstash-router to distinguish between the two?
Currently logstash index contains both netflow and syslog type from two different sources