Cyb3rWard0g
commented
3 years ago Hey @badroum ! Can you provide more information to your question? Do you mean push events to an external ELK? Like HELK-KAFKA -> HELK-LOGSTASH -> EXTERNAL-LOGSTASH?
Closed badroum closed 3 years ago
Cyb3rWard0g
commented
3 years ago Hey @badroum ! Can you provide more information to your question? Do you mean push events to an external ELK? Like HELK-KAFKA -> HELK-LOGSTASH -> EXTERNAL-LOGSTASH?
erezhazan1
commented
3 years ago Hey! I'm not sure what exactly is the meaning of his question, but I got a similar one. Is it possible to push events from logstash to a different ELK setup? Meaning Winlogbeat --> kafka --> logstash --> add another output to a different ELK setup.
To be more specific:
output { lumberjack { hosts => xxxx port => 5006 ssl_certificate => "/usr/share/logstash/keys/TrustExternalCARoot.crt" codec => "json_lines" } }
the external ELK setup is a SAAS setup.
Cyb3rWard0g
commented
3 years ago Oh yeah for sure. That's possible. . Following this syntax https://www.elastic.co/guide/en/logstash/current/plugins-outputs-lumberjack.html
badroum
commented
3 years ago Hello, Sorry for the late response. The purpose of my question is twofold, as I already have an ELK cluster on other VMs, I would like to use them already present on it with HELK. Then, to know if HELK is compatible with open distro.
hello I would have liked to know if HELK could be easily plugged to an external ELK.