we have a small Elastic Stack setup.
There are several sources that are frequently sending logs to Logstash but they are not needed anymore.
However to some I don't have access to and the person responsible doesn't seem to be interested in turning it off (Logs are being send directly from devices not through beats).
This made me wonder if there was an easy way to reject certain incoming logs on Logstash in the best way.
I could use something like another Logstash server which sends the logs to a broker like rabbitMQ which sends them to another logstash server again, but that seems overkill for my use case.
I don't want to close the port, as there a lot of machines sending their logs to it (tcp input plugin).
I can't seem to find anything useful, maybe I'm searching for the wrong terms.
Do you know a good way to reject unwanted logs in Logstash?