ELK Docker Containers

This repo contains the configuration files and Dockerfiles to build individual Elasticsearch, Logstash and Kibana containers on a lightweight Alpine-based image. You can use Docker Compose to build and run the containers.

Prerequisites

You will need to have Docker and Docker Compose installed.

Elasticsearch vm.max_map_count

The vm.max_map_count kernel setting needs to be set to at least 262144. Update /etc/sysctl.conf with the following line:

vm.max_map_count=262144

Or issue the command from a terminal as root:

sysctl -w vm.max_map_count=262144
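
The sysctl -w command changes only the running kernel and is lost at reboot, while the /etc/sysctl.conf line applies only once the file is loaded. The pre-flight check below is an added example, not part of this repo, that reports which of the two is in place. The function names, the --run switch and the script name preflight.sh are assumptions, and it reads only /etc/sysctl.conf, not /etc/sysctl.d.

```shell
#!/bin/sh
# Added example: pre-flight check for the vm.max_map_count requirement above.
REQUIRED=262144   # minimum stated in this README

# Print the last vm.max_map_count assignment in a sysctl.conf-style file.
conf_map_count() {
    [ -r "$1" ] || return 1
    val=$(awk -F= '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        { k = $1; v = $2; gsub(/[ \t\r]/, "", k); gsub(/[ \t\r]/, "", v) }
        k == "vm.max_map_count" { last = v }   # a later line overrides
        END { print last }' "$1")
    [ -n "$val" ] && printf '%s\n' "$val"
}

# True when $1 is a decimal number >= REQUIRED.
meets_minimum() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$REQUIRED" ]
}

# $1 = file holding the running value, $2 = sysctl.conf path.
# Prints: ok | runtime-only | persistent-only | missing
map_count_status() {
    runtime=$(cat "$1" 2>/dev/null) || runtime=""
    persistent=$(conf_map_count "$2") || persistent=""
    if meets_minimum "$runtime"; then r=1; else r=0; fi
    if meets_minimum "$persistent"; then p=1; else p=0; fi
    case "$r$p" in
        11) echo ok ;;
        10) echo runtime-only ;;      # sysctl -w only: lost at reboot
        01) echo persistent-only ;;   # in the file, not loaded yet
        *)  echo missing ;;
    esac
}

# Check this host; succeeds when the running kernel value is high enough.
preflight() {
    status=$(map_count_status /proc/sys/vm/max_map_count /etc/sysctl.conf)
    echo "vm.max_map_count (need >= $REQUIRED): $status"
    [ "$status" = ok ] || [ "$status" = runtime-only ]
}

# Run with:  sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

A result of runtime-only means Elasticsearch will start now but the setting will be gone after the next reboot.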

Up and Running

Create a Logstash configuration file:

cp logstash/assets/logstash-template.conf logstash/assets/logstash.conf

Start the containers:

docker-compose up -d

Docker Compose creates an Nginx proxy container that is linked to the Kibana container. You can connect to it on port 80 of your host. You will need to send an event to Logstash before you can configure an index pattern in Kibana.

The default Logstash configuration creates a TCP input that listens on port 24642. You can manually send events to Logstash by issuing the following:

echo -e "[Some Log Type][Data] This is our first event!" | nc localhost 24642

Mounted Volumes and Configurations

Updating logstash.conf

This stack uses volume mounting to allow quick configuration changes. When you make a change to logstash/assets/logstash.conf, you can apply it by restarting the container:

docker-compose restart logstash

Data Persistence

So that your Elasticsearch data persists, the data directory is mounted at:

elasticsearch/volumes/esdata

Enabling HTTPS

You can quickly enable HTTPS on the Nginx container by adding your certs to the nginx/assets/certs directory, updating the nginx/assets/default-ssl-example.conf file with your certificate names, and making it the default.conf file:

cp nginx/assets/default-ssl-example.conf nginx/assets/default.conf
docker-compose restart nginx

Versions

Elasticsearch, Logstash and Kibana containers are built with an official Java image.

  • Elasticsearch Version 2.3.0
  • Logstash Version 2.3.0
  • Kibana Version 4.5.0

Notes

I added a tty=true to the Logstash launch options because it kept immediately shutting down after start up completed.

Elasticsearch is run as root, which is not recommended.

Resources

I used the following resources when creating this stack:

Contributors

jonbrouse
