Open ngms17 opened 3 years ago
Hi!
Is it possible to have a second server running only Suricata, install rockNSM on another, and fetch the logs via Filebeat?
Or must it all be local?
Cheers!
You need to reconfigure Elastic to have a listener on the network or tunnel the Filebeat traffic to the machine.
But it is possible.
You may also consider a multi-node setup, as documented.