Elasticsearch Forwarding

This page explains how to forward logs to Elasticsearch from Apica.

Last updated 1 year ago

To generate an API key from Elasticsearch, please follow the instructions in this .

Steps to Create Elasticsearch Forwarding

To forward your logs to Elasticsearch, begin by logging into Apica's website.

  • Navigate to the Create tab and select the option for Forwarder.

  • Next, choose Elasticsearch(HTTP event collector) from the available options; this will bring up a new form with fields such as API Token, Buffer Size, Index, etc. Fill out the required data in these fields and click Create.

Create Forwarder:

Apitoken:      <ELASTIC-API-KEY>
Buffer_size:   20000
Index:         <INDEX-NAME>
Password:      <PASSWORD>
Type:          _json
Urls:          <ELASTIC-ENDPOINT>
User:          <USERNAME>
Name:          Elasticsearch

  • Next, head over to the Explore page and pick the namespace whose logs you wish to forward to Elasticsearch.

  • Click on the three dots icon located next to the calendar and opt for Map Forwarder; this will open a new modal which allows you to choose the newly created Elasticsearch forwarder schema (this can be identified via its Elasticsearch icon).

  • Confirm your selection by clicking OK.

  • A successful mapping is indicated by a popup showing that namespace-application pairs are connected with respective forwarders; additionally, you'll notice an updated Namespace Forwarder status in effect.

  • Your logs are now being forwarded to Elasticsearch.
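
A pre-flight check for the Create Forwarder values above, together with a request body for an Elasticsearch API key scoped to the single target index. This is an added example, not Apica's or Elastic's own code. It assumes the field names shown in the form; the key name, role name and the `create_doc` privilege are assumptions, since this page does not state which privileges the forwarder needs.

```python
import re
from urllib.parse import urlsplit

# Characters Elasticsearch rejects in index names, plus the uppercase range.
_BAD_INDEX_CHARS = re.compile(r'[\\/*?"<>| ,#:A-Z]')
_PLACEHOLDER = re.compile(r"^<[^>]*>$")  # e.g. <ELASTIC-API-KEY> left unfilled


def check_forwarder(fields):
    """Return a list of problems found in the Create Forwarder form values."""
    problems = []
    for name, value in fields.items():
        if _PLACEHOLDER.match(str(value)):
            problems.append(f"{name}: placeholder not replaced")
    url = urlsplit(str(fields.get("Urls", "")))
    if url.scheme != "https":
        problems.append("Urls: use https so the API key and logs are encrypted in transit")
    if url.username or url.password:
        problems.append("Urls: credentials embedded in the URL")
    index = str(fields.get("Index", ""))
    if (not index or index in (".", "..") or index[0] in "-_+"
            or _BAD_INDEX_CHARS.search(index) or len(index.encode()) > 255):
        problems.append("Index: not a valid Elasticsearch index name")
    if not str(fields.get("Buffer_size", "")).isdigit():
        problems.append("Buffer_size: must be a whole number")
    return problems


def scoped_api_key_request(index, privileges=("create_doc",)):
    """Body for Elasticsearch POST /_security/api_key, limited to one index.

    The default privilege is an assumption; adjust it to what the forwarder
    actually requires instead of granting a cluster-wide or superuser key.
    """
    return {
        "name": f"apica-forwarder-{index}",   # hypothetical key name
        "role_descriptors": {
            "apica_forwarder_writer": {        # hypothetical role name
                "cluster": [],                 # no cluster-level privileges
                "indices": [{"names": [index], "privileges": list(privileges)}],
            }
        },
    }
```

A key created this way can write only to the named index, so a leaked forwarder configuration does not expose the rest of the cluster.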

To help make the steps easier to understand, below are the screenshots illustrating each of the instructions given above.

[Screenshots: Forwarders List (Create -> Forwarder); New Forwarder; Create Forwarder; Select a Namespace; Map Forwarder; Selecting Elasticsearch schema; Successful mapping]