I am receiving the Syslog using Logstash as Syslog server. My client machine sends the massage to Logstash server.
My question is how can I specify which one or more client machines are valid to avoid disallowed machine sends the syslog message to my Logstash server once he known my Logstash IP address and port?
I can't implement it via FILTERof Logstash because I am worry about performance issue. So I am looking for a internal mechanism of Logstash that can refuses unknown syslog likes IPTABLE before received by INPUT
Thanks a lot