Hello,
I'm trying to design a POC for my boss. I've got client at remote
location who will need to feed our new elastic cluster in cloud.
Currently I've got:
- Client Side :: Redis (queue) -> Logstash
- Cloud Side :: 3 x Elastic machines in cluster + 1 small VM with Kibana
Data will go over Site to Site VPN .
My question is do I need another Logstash in my cloud to receive this data and forward to cluster or I
can directly feed it to my cluster - I know both solutions will work just wonder what is best practice
In addition can I stick another Elasticsearch instance on cilent side to agregate data on cliend side and then send it to my cloud cluster? Our development team proposed this as way to maybe reduce the network traffic etc (if we can send ready data to cluster).
Thanks
D