Looks like NXLog could be used to send log data to Elasticsearch and replace Logstash. Looking through the documentation, it looks like you can only provide 1 URL/host for Elastic in the NXLog config. With Logstash we define the cluster of servers, in our case 6. Can multiple host node members be defined in the NXLog Elastic configuration? Also, it is referencing bulk; can the messages also be sent without sending in bulk?

Asked December 10, 2021 - 4:49am

Answer (1)

Hi Earl,

As rightly said, NXLog can be used as a perfect replacement for Logstash, thus ENK stack. You can provide multiple URLs/hosts on a single Output module. If multiple URL directives are specified, the module works in a failover configuration. If a destination becomes unavailable, the module automatically fails over to the next one. If the last destination becomes unavailable, the module will fail over to the first destination. You can also use multiple output modules, each having its own configuration and working independently of the others.

Additionally, the URL should point to the _bulk endpoint. This is required; otherwise, Elasticsearch will return an HTTP 400 bad request. I hope this helps.
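
The failover setup described in the answer, written out as an added configuration example (not part of the original answer and not taken from the NXLog documentation). The host names, log path, CA file path and index name are placeholders, and the HTTPS/CA settings are an assumption about the cluster, since the thread does not say how it is exposed.

```apache
# Added example: one om_elasticsearch output with several URL directives.
# All host names and file paths below are placeholders.

<Extension _json>
    Module          xm_json
</Extension>

<Input app_logs>
    Module          im_file
    # Placeholder path for the logs being shipped
    File            "/var/log/app/*.log"
</Input>

<Output es_cluster>
    Module          om_elasticsearch

    # Each URL must point at the _bulk endpoint; any other path is
    # rejected by Elasticsearch with HTTP 400.
    # The first URL is used until it becomes unavailable, then the module
    # fails over to the next one, wrapping back to the first after the last.
    URL             https://es-node1.example.internal:9200/_bulk
    URL             https://es-node2.example.internal:9200/_bulk
    URL             https://es-node3.example.internal:9200/_bulk

    # Verify the cluster certificate so log data is not sent to an
    # unauthenticated endpoint (assumes the nodes serve TLS).
    HTTPSCAFile     /opt/nxlog/cert/es-ca.pem

    # Batching controls for the bulk request
    FlushInterval   2
    FlushLimit      100

    # Daily index; name prefix is a placeholder
    Index           strftime($EventReceivedTime, "nxlog-%Y%m%d")
</Output>

<Route app_to_es>
    Path            app_logs => es_cluster
</Route>
```

This is failover, not load balancing: only one node receives traffic at a time, so a coordinating or ingest node is a sensible first entry in the URL list.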