I'm going to have to monitor several remote domains consisting of Windows and Linux servers. I want to run beats on all of them. Is there a simple way of concentrating all beats output into one system inside such a domain and from there send it to a central network management system that runs ES and whatever else that would be needed?
Usually, Elasticsearch or Kafka are the parts of the architecture which concatenates all Beats outputs into one system. There is no intermediate software between those elements.
It could be a solution to collect the beat outputs in a Logstash instance running in the respective domain and forwarding the different queues from there to a central ES system.
Thats just an idea where to look to. I'm not quite knowledgable if every Beat you are running is able to go through a Logstash queue.
The filter section of the queue(s) would be usually empty:
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.