i wanted to be informed when specified Logentries appears in ELK.
I found something in this direction on the icinga website and with a bit “fummelei” i get it to fly.
It’s a Logstashfilter and output who pushes passive checks into icinga via an API-User.
My question: what rights needs this user?
I want to keep it as secure as much.