Monitor servers/workstations in different locations over internet


i would like to know some best practices about monitoring remote servers/workstations over internet. I mean, servers in different geographical locations other than ELK server:

  • how beats reach ELK?. Ports
  • how beats traffic could be secured?. Secure communication because logs are traveling over internet.
  • is a good practice to monitor servers and workstations not in the same local network?

I would like to listen some advices

Many thanks

Your question depends entirely on your infrastructure, you just need to make sure that your beats can reach your elasticsearch or logstash.

It is pretty common to collect monitoring data from different geographic locations, but it is strongly recommended to avoid sending it over the internet, you should use VPN communications to send the data.

You can secure the communications between the beats and the outputs using SSL/TLS, this is the documentation for packetbeat, the other beats have the same configuration.

1 Like

Many thanks @leandrojmp

Yes this what i need to achieve, our ELK server is in AWS EC2 and we need to collect data from several workstations and servers from different locations. Thanks for your answer much appreciated. So my best bet would be create and VPN between clients (beats) and ELK server.

Best regards

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.