I want to build a box with Logstash installed that collects and parses logs then sends events to Elasticsearch server on other site. Logstash appliance now like USM sensor, responsible for collecting log from devices and feeding events to Elasticsearch on my site. Thanks
It's not very clear what you're asking.
1 Like
Yes. Logstash can run on a different machine than Elasticsearch, and can be distributed to other locations. It is important that you have enough bandwidth, and minimal network latency, to handle the volume of data that you will send. That is a consideration for any distributed application.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.