I have mostly seen Logstash at the front of the ELK to parse data into structured form and transmit it into elasticsearch. In what situation will I need to place logstash in between elasticsearch and kibana? Should ETL be done at the start with logstash or in between elasticsearch and kibana?
ebuildy (Thomas Decaux) #2
Kibana queries elasticsearch, with aggregations queries, using elasticsearch HTTP API.
No need something between.
system (system) #3