如何配置winlogbeat连接到aws elastisearch

nzkunb0c  于 2021-06-14  发布在  ElasticSearch
关注(0)|答案(1)|浏览(445)

我想将windows事件发送到aws elastic search。elasticsearch具有连接所需的api密钥和安全密钥。我在winlog beat配置中找不到。请在下面找到我的yml代码。


# ---------------------------- Elasticsearch Output ----------------------------

output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["localhost:9200"]
   hosts: ["https://vpc-manufacturing-elasticsearch-celm5zj5gcf45hpghulnxshco4.ap-southeast-2.es.amazonaws.com"]
  # Protocol - either `http` (default) or `https`.
  #protocol: "https"

  # Authentication credentials - either API key or username/password.
  #api_key: "id:api_key"
  #username: "elastic"
  #password: "changeme"
    region:"where to specify"
    aws_access_key_id:"where to specify"
    aws_secret_access_key:"where to specify"
  #User: es-mfg
whlutmcx

whlutmcx1#

beats不支持aws身份验证。您可以选择:
在AmazonElasticSearch服务中设置细粒度访问控制,启用基本身份验证并继续elasticsearch输出。
对于基于iam的域访问策略,请设置logstash,安装logstash output amazon es plugin并正确设置访问凭据。最后,在beat中配置logstash输出,指向这个logstash示例。

相关问题