This is probably a very basic question. I did some research but can't find an answer.
I have access to a third-party app that collects data from over 200 machines into one Elasticsearch; it is version 2.x. I can access this Elasticsearch using REST, and I can run curl commands.
Now what I would like to do is filter the documents in that Elasticsearch and forward them to our company LOG collecting server.
I see 2 ways of doing that:
- Every 15 minutes I run a script that forwards all documents younger than 15 minutes to that LOG server
- Every 15 minutes I run a script that filters the latest documents and forwards only selected ones to the LOG server.
Thank you.