As the title says, in the Filebeat config file is it possible to define custom headers to be sent on output to Logstash?
the Filebeat documentation does not make it sound like thats an option that is available
https://www.elastic.co/guide/en/beats/libbeat/6.2/config-file-format.html
the idea stems from this post about Elasticsearch being able to live behind nginx
https://www.elastic.co/blog/playing-http-tricks-nginx
You can add HTTP headers to the Elasticsearch output. See output.elasticsearch.headers in the docs.
But the Logstash output is different because it uses a custom protocol sent over TCP. There's nowhere in the protocol to write the headers, and even it it did you would need a custom proxy that understood the protocol. I would use TLS mutual authentication to secure the traffic to Logstash.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.