Is there a way to send logs from Elasticsearch to multiple Qradar IPs?
What are Qradar IPs?
Qradar Event Collector IP. We are now using TCP output plugin in logstash output section. But TCP parameter 'host' can take string not a list like 'hosts' parameter in Elasticsearch output plugin
Then it's likely it's not possible.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.