I have setup ELK on AWS EC2. and started sending logs to it. But after 1 week logserver stopped working due to less space on device.
So I need to move the logs to S3 . But no idea of that.
Please help me to start with it.
Thanks
You can use S3 to store snapshots of old logs. You could also use Logstash to extract data from ES and then send to S3.
You will still need to delete data from ES once you have done the extract though. The data in S3 will also not be available to query, you will need to reimport it to ES.
I see your links to create snapshots and extract data from ES. But I dont understand much from these links.
Is it possible to store logs in S3 without creating snapshots, also view logs in kibana directly from S3?
Can you explain in a simple way?
No you cannot.
In what condition this restore should be performed?
If I need to view some old logs, Should I need to restore from S3 snapshot?
or
If logserver failed ?
Either are valid restore requirements.