将日志从 AWS Cloudwatch 日志组发送到 Opendistro EFK

Question

有没有办法将日志从 AWS Cloudwatch 日志组发送到 Opendistro EFK？ 我正在使用具有 elasticsearch 版本 7.10.2 的 opendistro，该版本已在 EKS 集群中使用 helm 进行配置。 我尝试使用 functionbeat 7.10.2，但是一旦我尝试发送示例 cloudwatch 日志数据，它就会引发错误：

2021-10-21T19:17:32.605Z    ERROR   [publisher_pipeline_output] pipeline/output.go:154  Failed to connect to backoff(elasticsearch(https://******.io:443)): Connection marked as failed because the onConnect callback failed: 169.254.40.221 requires the default distribution of Elasticsearch. Please update to the default distribution of Elasticsearch for full access to all free features, or switch to the OSS distribution of 169.254.40.221.
2021-10-21T19:17:32.605Z ERROR [publisher_pipeline_output] pipeline/output.go:154 Failed to connect to backoff(elasticsearch(https://******.io:443)): Connection marked as failed because the onConnect callback failed: 169.254.40.221 requires the default distribution of Elasticsearch. Please update to the default distribution of Elasticsearch for full access to all free features, or switch to the OSS distribution of 169.254.40.221.

是否有与 opendistro Elasticsearch 7.10.2 兼容的 functionbeat 版本？ 是否有任何其他节拍可用于将日志从 AWS cloudwatch 发送到 Open distro EFK？

Answer 1

使用 kinesis 和自托管的 logstash 可以工作，使用 kinesis 是有成本的