Is there any way to "pull" logs into logstash, rather than "pushing" them from Filebeat?


(Jack Arnold) #1

I've been tasked with implementing an Elastic stack cluster to deal with monitoring for some server logs - Some of the servers we need to monitor are based on an external network.

Due to our security policy, I can't make logstash internet-facing, even with encryption enabled. Due to our network topology, our machines can see the external network, but nothing on this network can see our network.

Is there any way I can "pull" the files from this external network? Or is this not supported by logstash?

Thanks in advance,
Jack


#2

Hello,

I am looking for a way to do this as well. For similar reasons.
The closest I have is to rsync logs and then upload them from another network.
Seems suboptimal and fragile. Any other suggestions would be amazing

Regards.


(Jack Arnold) #3

I worked around this by creating a VPN link, that was fairly straightforward to accomplish.


#4

Thanks for the reply. So little information about this topic.
Had a idea of doing temporary reverse tunnels with file beat configured to drop files on local host.
A more stable vpn may be a better option.

Regards.


(system) #5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.