Hello there,
I have successfully deployed an HA Elasticsearch cluster which is has xpack security features enabled. My problem is that I do not really know how to configure filebeat elasticsearch.output, so it can do petitions to the different hosts of the Elasticsearch clusters. Specifically what worries me is the following:
I know I can use the following configuration in the beat:
output.elasticsearch:
hosts: ["https://es1:9200","https://es2:9200","https://es3:9200"]
protocol: "https"
username: "xxx"
password: "xxx"
ssl.certificate_authorities: ["/etc/metricbeat/certs/ca.crt"]
ssl.certificate: "/etc/metricbeat/certs/{{ es_node_name }}.crt"
ssl.key: "/etc/metricbeat/certs/{{ es_node_name }}.key"
Each Elasticsearch node has its own certificate, if I declare three hosts "es1", "es2", and "es3", then the beat is going to need three different certificates to call each API of each node. But apparently, I can only specify only one certificate and one key. What can I do if I want the beats to call the three APIs and "balance" the petitions without using a reverse proxy?
Kind regards,