Load balancing

hburnswell · August 31, 2017, 6:22pm

All,

I'm coming up to speed with the ELK stack in general and have a couple questions about best practices.

I'm starting with ingesting IIS logs with Filebeat -> Logstash -> Elasticsearch. I am loadbalancing with:

filebeat.yml

output:

logstash:
hosts: ["host1:5044", "host2:5044", "host3:5044"]
loadbalance: true

iis.yml

output {

elasticsearch {

hosts => ["host1:9200", "host2:9200", "host3:9200"]
manage_template => false
index => "%{[@metadata][beat]}"
document_type => "%{[@metadata][type]}"

}

Is this best way to configure load balancing, basically load balance at the beat level as well as the logstash level into ES?
Is there a way to see which node info traveled through to ES, i.e. filebeat -> node2 logstash -> node1 ES?

Thanks in advance,

HB

system · September 28, 2017, 6:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Loadbalancing with filebeat Beats filebeat	3	258	August 1, 2018
Logstash one single point failure Logstash	6	1233	January 12, 2018
Can I add loadbalance to filebeat config for hosts in logstash output? Beats filebeat	6	2193	July 11, 2016
ELK Cluster Design Best Approach Beats filebeat	5	884	July 25, 2018
High cpu load, just a one node working on 100% Elasticsearch	3	318	April 25, 2022