I am attempting to setup logstash on a server so it can receive logs from aws cloudwath anytime of the day.
Every single example I have seen though, is with users simply running logstash locally and initiating the process locally. That solution will not work for me.
Currently I am using functionbeat to monitor my cloudwatch logs; once a new log lands in a log group functionbeat is watching, it will send that log to my elastic cloud.
I need functionbeat to send my logs to logstach, then for logstach to enrich the logs then send the logs to my elastic cloud. I have no idea how to set up logstach in this manner though. ANY help is appreciated!