FluentD

To use FluentD with Humio, you’ll obviously first have to install FluentD. Please refer to the FluentD Downloads Page with installation guides. For the full documentation on FluentD please see their Quick Start Guide.

Elastic Output Plugin

You’ll have to configure the Elasticsearch Output Plugin. Below is an example of how you might configure the output plugin for Humio Cloud:

<match **>
  @type           elasticsearch
  host            cloud.humio.com
  port            9200
  scheme          https
  ssl_version     TLSv1_2
  user            ${MyRepoName}
  password        ${MyIngestToken}
  logstash_format true
</match>

In the example here, host is the hostname of your Humio instance. The port is where Humio is exposing the Elastic endpoint. Don’t forget to enable the Configuration parameter ELASTIC_PORT. Replace MyRepoName with your Humio repository name and MyIngestToken with your ingest token.

Depending on whether TLS is enabled on host:port, scheme should be set to either https or http. Humio Cloud has TLS enabled. In some cases it’s necessary to specify the SSL version, so set ssl_version as you see here. The user should be repository name, and the password should be the ingest token.

The example below is the same configuration for the output plugin, but for a self-hosted Humio installation:

<match **>
  @type           elasticsearch
  host            humio.acme.local
  port            9200
  scheme          http
  user            ${MyRepoName}
  password        ${MyIngestToken}
  logstash_format true
</match>

Be sure to replace MyRepoName with your Humio repository name, and MyIngestToken with the ingest token for your repository.