I am thinking that the architecture which appears most secure is to have web servers send httpd logs to a dual-homed logstash server, which sends them to ES data nodes on a private LAN. Please advise.
Also, it seems to me that anyone able to ping my ES nodes or establish an http connection can delete any indices via curl. There appears to be a flag to stop ALL indices from being deleted, but someone could just as well delete them one by one. Am I missing something?