To send logs to a hosted ELK, first add the ELK integration in the Cyral UI.
Create the integration under integrations page. See the screenshot below to find Elasticsearch and Kibana URLs for hosted ELK. To get the URL, click "Copy endpoint".
Once the integration has been created, go to the sidecar page in the UI and select the sidecar you want to update, and click on download template. In the Download Template popup, select the ELK integration in the Log integration field. Once the template has been downloaded, manually edit it to add the ELK username and password in the following entries:
# Integrations
elk_address = “<elasticsearch URL:port>”
elk_username = “user”
elk_password = “password”Make sure the port number is appended on the elk_address field. Then update the sidecar with Terraform using the updated template.
