How to configure Winlogbeat to connect to AWS elastisearch

413 Views Asked by user2802027 At 04 April 2025 at 23:04

I would like to send windows events to AWS elastic search. The elasticsearch has api key and security key which is needed to connect. I cant find in winlog beat configuration. please find my yml code below.

# ---------------------------- Elasticsearch Output ----------------------------
output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["localhost:9200"]
   hosts: ["https://vpc-manufacturing-elasticsearch-celm5zj5gcf45hpghulnxshco4.ap-southeast-2.es.amazonaws.com"]
  # Protocol - either `http` (default) or `https`.
  #protocol: "https"

  # Authentication credentials - either API key or username/password.
  #api_key: "id:api_key"
  #username: "elastic"
  #password: "changeme"
    region:"where to specify"
    aws_access_key_id:"where to specify"
    aws_secret_access_key:"where to specify"
  #User: es-mfg

Original Q&A

There are 1 best solutions below

ibexit On 19 October 2020 at 08:01

Beats don't support AWS Authentication. Your options are:

Set up Fine-Grained Access Control in Amazon Elasticsearch Service and enable basic auth and proceed with elasticsearch output.
For IAM-based domain access policy set up Logstash, install logstash-output-amazon-es plugin and properly set your access credentials. Finally, configure logstash output in your beat pointing to this logstash instance.

How to configure Winlogbeat to connect to AWS elastisearch

There are 1 best solutions below

Related Questions in AMAZON-WEB-SERVICES

Related Questions in ELASTICSEARCH

Related Questions in ELASTIC-STACK

Related Questions in ELASTICSEARCH-5

Related Questions in ELK

Trending Questions

Popular # Hahtags

Popular Questions