Let's assume an application I would like to monitor is running in a Security-Network-Zone (e.g. DMZ). It should be integrated via Filebeat into the Logstash & Elasticsearch platform running in the internal network zone.
But unfortunately the Security-Zone does not allow me to establish a connection to the internal network for security-reasons. It is only allowed, to create a connection from the internal network to the security-zone.
As the connection between Filebeat & Logstash is persistent anyway, I was thinking if there is a way to initialize the connection to Filebeat from Logstash (Internal to DMZ)? But it seems not, as I haven't found any information.
What would be your advice in that architecture to solve this requirement?
Many thanks in advance!