Hi,
We have 2 Logstash servers. I want to put them behind a load balancer and push the data to the logstash over the HTTPS. But now, I am using the HTTP input plugin without a load balancer.
Let me show you my HTTPS configuration steps;
in logstash1 server:
mkdir /etc/logstash/certs
cd /etc/logstash/certs
openssl req -days 3650 -x509 -newkey rsa:4096 -keyout logstash1-key.pem -out logstash1-cert.pem -nodes
chmod 644 logstash1-key.pem
in logstash2 server:
i applied same steps but just replaced openssl command whit this;
openssl req -days 3650 -x509 -newkey rsa:4096 -keyout logstash2-key.pem -out logstash2-cert.pem -nodes
config file;
Note: Each logstash server(1 and 2) has same config except ssl_certificate and ssl_key
input {
http {
port => 9605
user => "happylogstash"
password => "${LS_PWD}"
ssl => true
ssl_verify_mode => "none"
ssl_certificate => "/etc/logstash/certs/logstash1-cert.pem"
ssl_key => "/etc/logstash/certs/logstash1-key.pem"
codec => "json"
}
}
Finally, i set the logstash's fqdn in /etc/hosts in a different server where I send data to logstash by using logstash's fqdn instead of IP.
cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
# Logstash
10.0.1.2 logstash1.com
10.0.1.3 logstash2.com
And i send data like this;
curl -XPOST -k -u 'happylogstash:anypassword' 'https://logstash1.com:9605' -d '{"my": "data"}'
or
curl -XPOST -k -u 'happylogstash:anypassword' 'https://logstash2.com:9605' -d '{"my": "data"}'
My question is what should I make changes in my configuration if use a load balancer's fqdn instead of using logstash's fqdn directly?