self-hosted/dockerfiles
1
0
Fork 0
mirror of https://github.com/vimagick/dockerfiles.git synced 2025-10-30 23:47:48 +02:00
Code Issues Releases Activity
Files
7a2be93ddc735514a8d9b896a03538bf5462e7cc
dockerfiles/elk
History
kev 4c038f859d update elk
2019-08-04 15:02:27 +08:00
..
arm/elasticsearch
update
2016-11-01 18:24:37 +08:00
curator
update elk
2018-11-05 17:40:02 +08:00
data
update logstash.yml
2019-08-03 14:45:28 +08:00
docker-compose.yml
update elk
2019-08-04 15:02:27 +08:00
README.md
update elk
2019-08-03 14:36:15 +08:00

README.md

ELK

  • Elasticsearch
  • Logstash
  • Kibana
  • APM Server

How it works

Up and running

$ sysctl -w vm.max_map_count=262144
$ vi /etc/sysctl.conf
  vm.max_map_count = 262144
$ chown -R 1000:1000 data
$ docker-compose up -d

Delete indices older than 7 days

File: delete-indices.yml

---
actions:
  1:
    action: delete_indices
    description: >-
      Delete indices older than 7 days (based on index name), for logstash-
      prefixed indices. Ignore the error if the filter does not result in an
      actionable list of indices (ignore_empty_list) and exit cleanly.
    options:
      ignore_empty_list: True
      disable_action: False
    filters:
    - filtertype: pattern
      kind: prefix
      value: logstash-
    - filtertype: age
      source: name
      direction: older
      timestring: '%Y.%m.%d'
      unit: days
      unit_count: 7

File: ~/.curator/curator.yml

client:
  hosts:
    - 127.0.0.1

$ pip install elasticsearch-curator
$ curator delete-indices.yml

Send container's log to ELK

input {
  gelf {
    port => 12201
  }
}

test:
  image: alpine
  command: 'sh -c "while :; do date; sleep 1; done"'
  log_driver: gelf
  log_opt:
    gelf-address: udp://x.x.x.x:12201
    tag: test

Search tag: test in kibana to show recent logging.