Logstash position in ELK


#1

I have mostly seen Logstash at the front of the ELK to parse data into structured form and transmit it into elasticsearch. In what situation will I need to place logstash in between elasticsearch and kibana? Should ETL be done at the start with logstash or in between elasticsearch and kibana?


(Thomas Decaux) #2

Kibana queries elasticsearch, with aggregations queries, using elasticsearch HTTP API.

No need something between.


(system) #3