My goal is to verify that the output.logstash is actually being sent to the proper host. My filebeat configuration is set up like so
filebeat.inputs: - input_type: log paths: - /var/log/*.log - /var/log/*/*.log tags: ["security", "bastion"] processors: - add_cloud_metadata: output.logstash: hosts: ["myhost:5000"] ssl.certificate_authorities: ["/etc/pki/beats/logstashCA.crt"] ssl.certificate: "/etc/pki/beats/beats.crt" ssl.key: "/etc/pki/beats/beats.key"
The logstash instance is up and running, but I'd like to know how to test whether or not the data is actually being sent from the machine running filebeat to the machine running logstash. Does anyone have a suggestion for how to test this?