Hello ,
I have 2 machines , on first machine i have logstash conf file that points to the 2nd machine and PacketBeat services running on both machines. On 1st machine i have ElasticSearch engine and do i realy need it ? I assume that only PacketBeat service is enough for transfer data between two machines?
Tnx
Vadim
I don't understand. Is your setup like:
packetbeat [1] --|
|-- > logstash [2] -> elasticsearch [1]
packetbeat [2] --|
with [1] being machine 1 and [2] being machine 2? packetbeat can directly send to elasticsearch (See docs).
Hi, tnx for response
I already configured it by your way and it works.
Tnx