How can I use filebeat to read logs from another server? What will be the configuration that will be required?
What's tail replication?
When you copy only last line(s) content (tail) to another location. In your case, it will copy lines from the network to local FB server, which will read then by FB.
There is an excellent tool Robocopy on Windows platform.
Any suggestions for Linux?
Not sure will achieve your needs, check rsync or lsync.
Can I use filebeat to send logs to another server (where elasticsearch is installed)?
If you mean copy logs from server A to B like mirror, not sure, will add additional metadata,
If you mean can you use FB to send logs directly to ES, yes you can by an ingest pipeline
I don't know what is you a log source, is it a specific device or just an application, there is also option to send via TCP. If is the application, just set FB and send to ES. You will need to configure FB and the ingest pipeline.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.