Versions Compared

Old Version 1

changes.mady.by.user John

Saved on

compared with

New Version 2

changes.mady.by.user John

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

vi docker-compose.yml



docker-compose.yml


Code Block
titledocker-compose.ym
version:

...

 "3.3"

...


services:

...


  elasticsearch:

...


    container_name:

...

 elasticsearch6
    image: docker.elastic.co/elasticsearch/elasticsearch:6.2.3

...


    hostname:

...

 elasticsearch
    environment:
      - discovery.type=single-node

...


      - "ES_JAVA_OPTS=-Xms512m -Xmx1024m"

...


      - ELASTIC_PASSWORD=changeme

...


      - bootstrap.memory_lock=true

...


    volumes:
      - ./data:/usr/share/elasticsearch/data

...


    ports:
      - 9200:9200
      - 9300:9300
 
  logstash:
    container_name:

...

 logstash6
    image: docker.elastic.co/logstash/logstash:6.2.3

...


    hostname:

...

 logstash
    volumes:
      - ./pipeline/:/usr/share/logstash/pipeline/

...


    ports:
      - 9600:9600
      - 5400:5400
      - 3000:3000
    depends_on:
      - elasticsearch
 
  kibana:
    container_name: kibana6
    image: docker.elastic.co/kibana/kibana:6.2.3

...


    hostname:

...

 kibana
    environment:
      - ELASTICSEARCH_URL=http://elasticsearch:9200

...


    ports:
      - 5601:5601
    depends_on:

...


      - elasticsearch



Define our logstash pipeline

mkdir pipeline

vi pipeline/logstash.conf


Code Block
input {

...


 tcp

...

 {
    port => 5400
    codec => json
 }
 http {
    id => "http"
    port => 3000
 }
}
output {
  stdout {
    codec => rubydebug
  }
  elasticsearch {
    hosts => "elasticsearch:9200"
    user => elastic
    password => changeme
  }
}


Starting and Stoping Kibana

See the status of the containers by issuing the following command:

docker ps -a


CONTAINER ID       

IMAGE   

COMMAND


CREATED

STATUS

PORTS

NAMES

dcb436ad63eedocker.elastic.co/kibana/kibana:6.2.3"/bin/bash /usr/loca…"About an hour agoUp About an hour0.0.0.0:5601->5601/tcpkibana
1b4e8b01e575docker.elastic.co/elasticsearch/elasticsearch:6.2.3"/usr/local/bin/dock…"About an hour agoUp About an hour0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcpelasticsearch

cf433b12ae8e

docker.elastic.co/logstash/logstash:6.2.3

"/usr/local/bin/dock…"

About an hour agoUp About an hour

5044/tcp, 0.0.0.0:9600->9600/tcp

logstash

Start our containers


docker-compose up -d 

...

We will use the logstash TCP plugin to push JSON data into elasticsearch. 

vi test.json


Code Block
{"message":{"someField":"someValue"}}


nc -c localhost 5400 < test.json

...

curl -XPUT 'http://127.0.0.1:3000/twitter/tweet/1' -'hello'

References

Reference

URL

Kibanahttps://www.elastic.co/products/kibana
Kibana User Guidehttps://www.elastic.co/guide/en/kibana/6.x/index.html
Install ElasticSearch on Dockerhttps://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
Install Kibana on Dockerhttps://www.elastic.co/guide/en/kibana/current/_pulling_the_image.html
Installing Logstash on Dockerhttps://www.elastic.co/guide/en/logstash/current/docker.html
Installing APM on Dockerhttps://www.elastic.co/guide/en/apm/server/6.2/running-on-docker.html#running-on-docker
Using the TCP input filter with logstashhttps://stackoverflow.com/questions/35143576/sending-data-to-logstash-via-tcp
TCP Logstash input pluginhttps://www.elastic.co/guide/en/logstash/5.5/plugins-inputs-tcp.html
HTTP Logstash input pluginhttps://www.elastic.co/blog/introducing-logstash-input-http-plugin

Deploying ELK Stack to the Raspberry Pi

https://logz.io/blog/elk-stack-raspberry-pi/