Hi Lee,
Thanks for the feedback.. logstash output host does appear to be configured to push collected logstash data to the elasticsearch cluster (IP addresses below). Here is the output file:
What's the process for testing that data is firstly actually being processed by logstash and secondly being sent to the kibana cluster...?
Many Thanks
output {
elasticsearch {
hosts => ["10.55.209.16:9200","10.94.242.128:9200"]
}
tcp {
mode => "client"
port => "514"
}
}
....and just for reference... here is the input file:
input {
beats {
port => "3516"
ssl => true
ssl_verify_mode => "none"
ssl_certificate => "/etc/logstash/logstash-forwarder.crt"
ssl_key => "/etc/logstash/logstash-forwarder.key"
}
}