My current project has been to rebuild my home DShield sensor from a Rasberry Pi to a Ubuntu 20.04.5 LTS server to be able to process my sensor logs into Elasticsearh. I use as a guide the example listed here (my ELK is version 8.x) sending the cowrie.json logs to a remote ELK server (version 8.4.1) using Filebeat and Logstash. However, my steps were a little different than the reference:
Article Link: https://isc.sans.edu/diary/rss/29458