We have some servers in remote data centers where we can open a ssh from our central server to the remote-server. But the remote-server (where the logs get created) can't push the logs to our central server.
What is the best way to get the logs to the central server?
I would like to avoid that the process who pulls the logs reads regular log files in text format and remembers inodes.
This leads to dropped records sooner or later. Example logrotate on the remote host truncates the log files ...
How to provide the logs on the remote-host, so that fetching them via ssh works flawlessly?
And how to pull them?
Please be patient, I am new to LogStash
Both sides (remote host and central server) run linux and we have full control over them.