Hello everyone,
I am using logstash on a linux based server . I am collecting the logs on this server and after processing the logs with logstash i want to send these logs to elastic search which is on an amazon ec-2 instance . for this what are the changes i will have to make in logstash config file and elasticsearch.yml ,logstash.yml file...i am changing the logstash output filter from hosts => ["localhost:9200"] to hosts => ["ec-2ip:9200"] . Do i have to change anything else or should there be any protocol enabled between these two servers . TCP is enabled between them.
Thanks in advance
You might need to provide also authentication details as well as certificates of required.
sorry i didn't get you. authentication details of what? You mean to say elastic search authentication details??
and which certificates you are saying
in case if u are using a ssl certificate in logstash and elastic you have to mention in the ssl certificate path in the config file at output... and if u are using authentication mechanism in elastic(ur elastic server is enabled with username and password) then those details also has to be in config file.
https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html
This is applicable only if certificate and authentication is enabled else in output ur elastichosts and index name is enough