I´ve been reading up on telemetry streaming, but seems as I´m missing something. Most guides use logstash, but i want to send telemetry directly to elastic.
Can anyone help out with that declrarations to send ?
@kimhenriksen - your question kinda landed at a holiday-centric time; and it may be buried now for many people. Have you made any progress? If not (or if partial) I'm happy to hunt around internally for a SME who may be able to provide guidance.
I think I saw some info about it in a lab guide (UDF if might be called.. ), not sure. But the part I have access to didnt explain it all, or give supply the commands used.
But if you´re able to find something in-house I´d be glad to have something to read 🙂
Hi, Logstash is elastic. It's normally known as ELK which is now part of what i think they call elasticsearch stack. Elasticsearch is the nosql DB Logstash is the data ingestor & Kibana is the gui front end. Now they are movinfg towards the agent approach or the use of the slightly older filebeat, metric beat agent. Which pretty much does the same job as logstash it takes one protocol syslog/telemetry and converts this into fields that elastic can process and collate. I think they are trying to move this again more into the ingest node, but it all depends on how you want to deploy it.
So really, what i think you need to look for and i'd love to be copied in if its ever found as i've asked before and it didn't go far is either config for logstash or the agent to convert telemetry info into elastic.
As I´ve understood if logstash is the syslog receiver that translates the data for elastic. But, some are moving away from the logstash part and just doing the EK minus L. And from what I´ve read is seems to be possible to use a push/pull method to update elastic directly.. and not have to use logstash. It´s a different setup.. but a little more modern i think.
It´s just the How I´m looking for now. We´ll see what I´ll find 🙂
