-rw-r--r-- | elk/docker-compose.yaml | 12 | ||||
-rw-r--r-- | elk/filebeat.yml | 41 | ||||
-rw-r--r-- | elk/logstash.conf | 19 | ||||
-rw-r--r-- | elk/logstash.yml | 7 |
4 files changed, 75 insertions, 4 deletions
diff --git a/elk/docker-compose.yaml b/elk/docker-compose.yaml
index 21380b7..60f36d9 100644
--- a/elk/docker-compose.yaml
+++ b/elk/docker-compose.yaml
@@ -16,6 +16,7 @@ services:
 - lognet
 ports:
 - "127.0.0.1:9200:9200"
+ - "172.17.0.1:9200:9200"
 - "127.0.0.1:9300:9300"
 environment:
 - ES_JAVA_OPTS=-Xms256m -Xmx256m
@@ -44,6 +45,7 @@ services:
 volumes:
 - ./logstash.yml:/usr/share/logstash/config/logstash.yml:ro
 - ./logstash.conf:/usr/share/logstash/pipline/logstash.conf:ro
+ # docker run docker.elastic.co/beats/filebeat:8.10.2 setup -E setup.kibana.host=172.17.0.1:5102 -E output.elasticsearch.hosts=["172.17.0.1:9200"]
 kibana:
 image: kibana:8.10.1
 deploy:
@@ -60,6 +62,7 @@ services:
 - lognet
 ports:
 - "127.0.0.1:5102:5601"
+ - "172.17.0.1:5102:5601"
 depends_on:
 - elasticsearch
 volumes:
@@ -82,14 +85,15 @@ services:
 - lognet
 depends_on:
 - elasticsearch
- environment:
- - setup.kibana.host=kibana:5601
- - output.elasticsearch.hosts=["http://elasticsearch:9200"]
+ # environment:
+ # - setup.kibana.host=kibana:5601
+ # - output.elasticsearch.hosts=["http://elasticsearch:9200"]
 volumes:
 - log-data:/logs/
- - /var/lib/docker/containers:/usr/share/dockerlogs/data:ro
+ - /home/devi/ssd1/docker/containers:/usr/share/dockerlogs/data:ro
 - /var/run/docker.sock:/var/run/docker.sock:ro
 - ./filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
+ - /var/log:/usr/share/var/log:ro
 volumes:
 elk-data:
 log-data:
diff --git a/elk/filebeat.yml b/elk/filebeat.yml
new file mode 100644
index 0000000..ea8fc5d
--- /dev/null
+++ b/elk/filebeat.yml
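Review bot: The added `- "172.17.0.1:9200:9200"` entry in the elasticsearch `ports:` list of elk/docker-compose.yaml publishes the Elasticsearch HTTP API on what is conventionally the host's docker0 address, so it becomes reachable from containers outside `lognet`. The added `- "172.17.0.1:5102:5601"` for kibana in the third hunk has the same effect. Combined with the plain `http://` endpoint and the `elastic`/`changeme` credentials in elk/filebeat.yml from this commit, any workload that can reach that address can query or write the log store. If the bind exists only for the one-off `filebeat setup` run recorded in the comment added in the second hunk, attaching that container to the compose network instead (`docker run --network <project>_lognet …`, network name is a placeholder) would avoid publishing on the bridge address. Otherwise a comment such as `# docker0 gateway, host-specific; needed only for filebeat setup` should state the assumption.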
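Review bot: The added mount `- /var/log:/usr/share/var/log:ro` in the fourth hunk of elk/docker-compose.yaml gives the filebeat container the host's entire log directory. The `filestream` input in elk/filebeat.yml then ships every `/usr/share/var/log/*.log` file, which on many hosts includes authentication logs. Mounting only the files that are wanted, or narrowing the input `paths`, keeps sensitive host logs out of an index that this commit reaches over plain HTTP. The replacement path `/home/devi/ssd1/docker/containers` is specific to one machine; an interpolated form such as `- ${DOCKER_DATA_ROOT:-/var/lib/docker}/containers:/usr/share/dockerlogs/data:ro` (variable name is a suggestion) keeps the file portable. The filebeat service definition begins above this hunk.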
@@ -0,0 +1,41 @@
+name: filebeat
+
+filebeat.config:
+ modules:
+ path: ${path.config}/modules.d/*.yml
+ reload.enabled: false
+
+# filebeat.autodiscover:
+# providers:
+# - type: docker
+# hints.enabled: true
+
+filebeat.inputs:
+ - type: container
+ enabled: true
+ paths:
+ - /usr/share/dockerlogs/data/*/*.log
+ - type: filestream
+ enabled: true
+ paths:
+ - /usr/share/var/log/*.log
+
+processors:
+- add_cloud_metadata: ~
+
+output.elasticsearch:
+ enabled: true
+ hosts: [ "http://elasticsearch:9200" ]
+ username: "elastic"
+ password: "changeme"
+
+# output.logstash:
+# enabled: true
+# hosts: [ "http://logstsh:5044" ]
+
+# setup.kibana:
+# host: "http://kibana:5601"
+
+# http:
+# enabled: true
+# host: 0.0.0.0
diff --git a/elk/logstash.conf b/elk/logstash.conf
new file mode 100644
index 0000000..0440f5d
--- /dev/null
+++ b/elk/logstash.conf
@@ -0,0 +1,19 @@
+input {
+ beats {
+ port => 5044
+ }
+
+ # tcp {
+ # port => 50000
+ # }
+}
+
+## Add your filters / logstash plugins configuration here
+
+output {
+ elasticsearch {
+ hosts => ["elasticsearch:9200"]
+ ssl => false
+ index => "logstash"
+ }
+}
diff --git a/elk/logstash.yml b/elk/logstash.yml
new file mode 100644
index 0000000..a81b89b
--- /dev/null
+++ b/elk/logstash.yml
@@ -0,0 +1,7 @@
+---
+## Default Logstash configuration from Logstash base image.
+## https://github.com/elastic/logstash/blob/main/docker/data/logstash/config/logstash-full.yml
+#
+http.host: 0.0.0.0
+
+node.name: logstash |
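Review bot: `password: "changeme"` under `output.elasticsearch` in elk/filebeat.yml commits a credential for the built-in `elastic` superuser to the repository, and `hosts` uses `http://`, so it is sent unencrypted. Filebeat expands environment variables in its configuration, so `username: "${ES_USERNAME}"` and `password: "${ES_PASSWORD}"` (variable names are placeholders), supplied from the compose environment or the Filebeat keystore, would keep the secret out of version control. A dedicated user limited to writing the Filebeat indices would be a safer choice than `elastic`. In the commented-out block, `hosts: [ "http://logstsh:5044" ]` looks like a misspelling of the logstash service name and carries a scheme the Logstash output does not expect, so it should be corrected before anyone uncomments it.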
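Review bot: The `elasticsearch` output in elk/logstash.conf sets `ssl => false` and supplies no `user`/`password`, while elk/filebeat.yml in the same commit authenticates as `elastic`, so the two files disagree about whether the cluster has security enabled. If it is enabled this output will be refused; if it is not, the store accepts unauthenticated writes from anything that can reach port 9200. Either add `user`/`password` taken from environment variables (`password => "${LOGSTASH_ES_PASSWORD}"`, placeholder name) or record the assumption with a comment such as `# plaintext and unauthenticated: only acceptable on the private lognet network`. Separately, docker-compose.yaml mounts this file under `/usr/share/logstash/pipline/` (a context line in the second compose hunk), which looks like a misspelling of `pipeline`, so this pipeline may not be loaded at all.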