I've been setting up a centralized log server to collect data from our servers, switches, access points etc. I have a folder on the log server that contains apache log files from a remote machine (/var/log/production). Currently I have filebeat picking up this log data and sending it into elasticsearch. My problem is when I query elasticsearch for data that I know to be coming from the remote machine, the results are showing that the hostname for this data is the logserver itself. Is there a way to configure filebeat.yml or my filebeat module to specify the hostname for these particular log files before it goes to elasticsearch?
Apologies if this seems trivial or a roundabout way of doing things, i'm an elastic noob.