Oskar K. Oskar K. - 1 month ago 19
Linux Question

Logs and ELK stack on separate servers, how to display the logs?

I have logs on one server and ELK stack -- ElasticSearch, Kibana, Logstash -- on another. I want to display the logs, which are on the 1st server, in Kibana, which is on the 2nd one.

How can I do that? Is logstash capable of retrieving logs over the internet from a remote server?

Answer

Your best bet is to use Filebeat on server one and send the logs to the logstash server.

https://www.elastic.co/products/beats/filebeat