logstash

install

Allert

start and add to autostart

Main configuration file /etc/logstash/logstash.yml

 

copy test certificate from /etc/elasticsearch/ to /etc/logstash/conf.d/

create /etc/logstash/conf.d/logstash-filter.conf