[Intelmq-dev] ElasticSearch Know-How needed

Sebastian Wagner wagner at cert.at
Mon Apr 6 11:55:48 CEST 2020


Hi Navtej,

On 4/5/20 7:47 PM, Navtej Singh wrote:
> Elastic, like many other datastores, is not very frequently updated.
> Organizations stay on older versions for a longer duration. Can we keep
> both versions?
Sure. However, that requires some maintenance which I am unable to
provide alone. I would expect that the major element of the maintenance
is testing. For example, for the upcoming changes/additions in the ES
output bot, we would need your help in testing the backwards
compatibility with older ES versions.
> As for shipping to ES via LogStash, an alternative could be to use
> filebeat with file-output bot. I have seen setups where out of ELK,
> L(ogstash) is not used.

Thanks for the idea. Would anyone on the list be willing to contribute
documentation for this? - The same applies to the Logstash-idea.

best wishes
Sebastian

-- 
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// An initiative of nic.at GmbH - https://www.nic.at/
// Company register number 172568b, LG Salzburg

