Configuring logstash for use with Elastic Cloud

I have some questions regarding configuring logstash to work with my Elastic Cloud cluster (see

  1. "In our examples, we use the elastic superuser that every version 5.x cluster comes with. ... On a production system, you should adapt these examples by creating a user that can write to and access only the minimally required indices."

How do I do this? By creating a user in Kibana? Is this related to the logstash_system role? If I create a new user, what permissions do I need to give them? Or am I supposed to somehow set the password for the logstash_system built-in user and use that?

  1. "Cloud ID applies only when a Logstash module is enabled, otherwise specifying Cloud ID has no effect."

What does this mean? What is a logstash module? If I have a Kafka input and an Elasticsearch output, am I using a module?

  1. "In the Logstash install directory, run the module. For example: bin/logstash --modules netflow -M "netflow.var.input.udp.port=3555" My_Cluster:MY_CLOUD_ID"

What is this? Do I have to run the netflow module?

I am currently using the 'elastic' username/password and that's working. I am trying to figure out how to switch logstash to a more-specific user.

Thank you

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.