Hi folks,
I am using Elastic Stack 7.9, and I have 11 VMs like below;
1 - Elasticsearch Client Node (also injest) + Kibana
2,3 - Elasticsearch Master Nodes
4 - Elasticsearch Voting-only Master Node
5,6,7 - Elasticsearch Data Nodes
8,9 - Logstash Nodes
10,11 - Filebeats
I would like to monitor all these nodes using x-pack monitoring, so that I can see the health, whether the instance is up / not etc. But, here I don't have a separate monitoring cluster, and thus I cannot proceed with Metricbeat based monitoring as explained here https://www.elastic.co/guide/en/elasticsearch/reference/current/monitoring-overview.html
I have two doubts;
-
I would like to monitor all the above nodes, and which IPs should be mentioned in the
xpack.monitoring.elasticsearch.hostssetting? For example here https://www.elastic.co/guide/en/logstash/current/monitoring-internal-collection-legacy.html you can see the configuration of x-pack in Logstash (showing Deprecated in 7.9.0, is it because I am not using another monitoring cluster?) -
I am exporting logs from Filebeat to Kafka topic, and from there to Elasticsearch using Logstash. Currently, I have configured data node IPs in the
output->elasticsearchsection, and data is coming in Elasticsearch. So, is it correct to mention data nodes as Elasticsearch output of Logstash, or is it some other node that has to be mentioned there?
Thanks.