Added ELK (UNTESTED)
parent
dfc0f2ba3b
commit
05e0406a74
@ -212,6 +212,7 @@ A collection of delicious docker recipes.
|
|||||||
- [x] certbot
|
- [x] certbot
|
||||||
- [x] drone/drone
|
- [x] drone/drone
|
||||||
- [x] drupal
|
- [x] drupal
|
||||||
|
- [x] elk
|
||||||
- [x] ghost
|
- [x] ghost
|
||||||
- [x] gitlab/gitlab-ce
|
- [x] gitlab/gitlab-ce
|
||||||
- [ ] gliderlabs/logspout
|
- [ ] gliderlabs/logspout
|
||||||
|
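--- a/elk/README.md
+++ b/elk/README.md
@@ -0,0 +1,6 @@
+ELK
+===
+
+- Elasticsearch
+- Logstash
+- Kibana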
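--- a/elk/conf/01-lumberjack-input.conf
+++ b/elk/conf/01-lumberjack-input.conf
@@ -0,0 +1,6 @@
+input {
+lumberjack {
+port => 5000
+type => "logs"
+}
+}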
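Review bot: The `lumberjack` block sets only `port` and `type`, but to my knowledge the lumberjack input treats `ssl_certificate` and `ssl_key` as required settings, so this file would likely stop the pipeline from loading. Add `ssl_certificate => "/path/to/cert.pem"` and `ssl_key => "/path/to/key.pem"` (placeholder paths) and mount the files through a compose volume, or drop this input if only Beats shippers are expected. Port 5000 is published to the host in `elk/docker-compose.yml`, so the listener should not go live without that TLS material in place.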
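--- a/elk/conf/02-beats-input.conf
+++ b/elk/conf/02-beats-input.conf
@@ -0,0 +1,6 @@
+input {
+beats {
+port => 5044
+ssl => false
+}
+}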
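Review bot: `ssl => false` leaves the Beats listener on 5044 unencrypted and unauthenticated, and `elk/docker-compose.yml` publishes that port on every host interface, so shipped logs cross the network in clear text and any host that can reach the port can submit events. Prefer `ssl => true` with `ssl_certificate` and `ssl_key`, and add `ssl_certificate_authorities` plus `ssl_verify_mode => "force_peer"` if shippers should present client certificates. If plaintext is kept for a lab setup, a comment saying so and a loopback or firewall-restricted port binding would make the intent explicit.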
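--- a/elk/conf/10-syslog.conf
+++ b/elk/conf/10-syslog.conf
@@ -0,0 +1,13 @@
+filter {
+if [type] == "syslog" {
+grok {
+match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
+add_field => [ "received_at", "%{@timestamp}" ]
+add_field => [ "received_from", "%{host}" ]
+}
+syslog_pri { }
+date {
+match => [ "syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
+}
+}
+}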
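--- a/elk/conf/11-nginx.conf
+++ b/elk/conf/11-nginx.conf
@@ -0,0 +1,7 @@
+filter {
+if [type] == "nginx-access" {
+grok {
+match => { "message" => "%{NGINXACCESS}" }
+}
+}
+}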
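Review bot: `%{NGINXACCESS}` in the `grok` match is, as far as I know, not one of the patterns shipped with Logstash 5.0, and this commit adds neither a pattern file nor a `patterns_dir` setting (the compose file mounts only `./conf`). Unless the image supplies the definition, the filter would fail on an undefined pattern. Either add a patterns file and reference it with `patterns_dir => ["/path/to/patterns"]` (placeholder path), or match with the stock `%{COMBINEDAPACHELOG}` if nginx writes its default combined format.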
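--- a/elk/conf/30-output.conf
+++ b/elk/conf/30-output.conf
@@ -0,0 +1,9 @@
+output {
+elasticsearch {
+hosts => ["elasticsearch"]
+sniffing => true
+manage_template => false
+index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
+document_type => "%{[@metadata][type]}"
+}
+}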
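Review bot: The `index` and `document_type` values are built from `[@metadata][beat]` and `[@metadata][type]`, which are supplied by the sending Beat; with the inputs in this commit accepting unauthenticated connections, the sender decides which index its events are written to. Events from the lumberjack input do not carry these fields as far as I can tell, so they would land in an index literally named `%{[@metadata][beat]}-<date>`. Consider a fixed prefix such as `index => "logstash-%{+YYYY.MM.dd}"`, or a conditional that honours only an allowlisted set of beat names. `manage_template => false` also means the index template has to be loaded separately, which the commit does not document.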
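--- a/elk/docker-compose.yml
+++ b/elk/docker-compose.yml
@@ -0,0 +1,33 @@
+version: '2'
+services:
+elasticsearch:
+image: elasticsearch:5.0
+ports:
+- '9200:9200'
+- '9300:9300'
+volumes:
+- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
+- ./data:/usr/share/elasticsearch/data
+mem_limit: 4g
+ulimits:
+memlock:
+soft: -1
+hard: -1
+nofile:
+soft: 65536
+hard: 65536
+cap_add:
+- IPC_LOCK
+logstash:
+image: logstash:5.0
+ports:
+- '5000:5000'
+- '5044:5044'
+volumes:
+- ./conf:/etc/logstash/conf.d
+kibana:
+image: kibana:5.0
+ports:
+- '5601:5601'
+environment:
+- ELASTICSEARCH_URL=http://elasticsearch:9200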
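Review bot: The `ports` entries `'9200:9200'` and `'9300:9300'` publish Elasticsearch on all host interfaces, and the 5.0 image has no authentication by default, so the indices are readable and writable by anything that can reach the host; Kibana on `'5601:5601'` is open in the same way. Logstash and Kibana already reach the node by service name on the compose network, so the two Elasticsearch mappings can be dropped, or bound to loopback as `'127.0.0.1:9200:9200'`. The same loopback binding, or a reverse proxy that adds authentication, would suit 5601.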
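--- a/elk/elasticsearch.yml
+++ b/elk/elasticsearch.yml
@@ -0,0 +1,2 @@
+network.host: 0.0.0.0
+bootstrap.mlockall: true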