Forward beats logs from site A to B using a single server as a proxy


I searched a way to ship logs from one site to another using a single point of contact (a server using a VPN to connect to site B), let's see it this way :
Differents endpoints using Beats to ship logs to the server mentioned which itself will ship those logs to the Site B through the vpn to a logstash/elasticsearch server.

Endpoints Beats -> Server forwarding -> Site B logstash/elasticsearch server

One way I found was to put a logstash service on the server and directly ship the logs to the elasticsearch on site B.

Any idea or advice ? And excuse my google search skill if this has already been asked/answered !

If they all have to go to one host, it might as well be the Logstash instance.

Thank you for your reply, there is a network concerne here, that is why i want a server in the middle which has access to both networks.

I put Logstash on the server and used Lumberjack output to ship logs, it worked for one thing, but when it forwards Beats logs the format is lost somehow leaving it with only the message field.

Nevermind, I'm going to deploy logstash service in each site and expose Elasticsearch to it through a VPN.
I'm closing this topic.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.