I'm trying to capture log events forwarded from a client host running logstash-forwarder to a server host running logstash (could be different network). The pipeline works fine while using lumberjack input plugin with ssl certificate and ssl key in place(logstash-2.4.0).
However, now I need to capture an event on the logstash host (server), verify the source host is a valid client based on its IP address and then forward the message as it is to the logstash pipeline.
I've tried the logstash tcp input plugin, but the client fails with the message Failed to tls handshake with XX.XX.XX.XX read tcp XX.XX.XX.XX:5043: i/o timeout.
I've also tried running my own SSL server, but it receives an encrypted message. However, I'm able to obtain the source IP of the client with this approach.
Is there a way to achieve this using the logstash pipeline itself and not having to run an external server, so that I can avoid the overhead of dealing with concurrent incoming client requests?