The Elastic Stack is very popular for handling logs. When you use the Elastic Stack with Elastic Cloud, Elastic Cloud takes care of the Elasticsearch and Kibana components. For now, you will need to run Logstash yourself.
Configuring your Logstash agents to send log events to your Elasticsearch cluster on Elastic Cloud is easy.
To send logs to Elasticsearch, you will need to use the elasticsearch output.
To point it at Elastic Cloud, you need to specify:
- The right host
- A user and password defined in X-Pack (Shield in versions before 5.0)
- Set the protocol to http
- Enable ssl
- Set the port to 9243 or 443
For example:
output {
  elasticsearch {
    hosts => "1923a78952f7e6c94fa5c998e5fc6286c0941b90.eu-west-1.aws.found.io"
    user => "admin"
    password => "3r15qw0vibri9jv6rn"
    protocol => http
    ssl => true
    port => "9243"
  }
}
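The settings listed above can be checked before a Logstash config is deployed. The script below is an added example, not part of the original page or of Logstash: it parses the elasticsearch output block and reports a disabled ssl setting, an unexpected port, missing credentials, and a password written as a literal in the file. The finding names, the sample configs and the ES_PASSWORD variable are assumptions made for illustration, and the literal-password check assumes a Logstash version that supports ${VAR} references in its config.

```python
import re

ALLOWED_PORTS = {"9243", "443"}              # ports the page gives for Elastic Cloud
PAIR = re.compile(r'^\s*(\w+)\s*=>\s*(?:"([^"\n]*)"|([^\s#]+))', re.M)
ENV_REF = re.compile(r"\$\{\w+(:[^}]*)?\}")  # ${VAR} or ${VAR:default}

def parse_es_output(config):
    """Return the settings of the first elasticsearch { ... } output block."""
    block = re.search(r"elasticsearch\s*\{(.*?)^\s*\}", config, re.S | re.M)
    if not block:
        return {}
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in PAIR.finditer(block.group(1))}

def audit(config):
    """Check one output block against the settings listed above."""
    s = parse_es_output(config)
    if not s:
        return ["no-elasticsearch-output"]
    findings = []
    if not (s.get("host") or s.get("hosts")):
        findings.append("missing-host")
    if s.get("ssl") != "true":
        findings.append("ssl-disabled")      # credentials and events would travel in cleartext
    if s.get("port") not in ALLOWED_PORTS:
        findings.append("unexpected-port")
    if not s.get("user") or not s.get("password"):
        findings.append("missing-credentials")
    elif not ENV_REF.fullmatch(s["password"]):
        findings.append("literal-password")  # readable by anyone who can read the file
    return findings

# Constructed sample configs; host name and credentials are placeholders.
WEAK = '''
output {
  elasticsearch {
    hosts => "CLUSTER_ID.eu-west-1.aws.found.io"
    user => "admin"
    password => "example-password"
    protocol => http
    ssl => false
    port => "9200"
  }
}
'''
HARDENED = (WEAK.replace("ssl => false", "ssl => true").replace('"9200"', '"9243"')
                .replace('"example-password"', '"${ES_PASSWORD}"'))
if __name__ == "__main__":
    print("weak:", audit(WEAK), "hardened:", audit(HARDENED))
```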