jinfanzon/docker-elk-1

ELK Stack Dockerfile


This repository contains a Dockerfile for the ELK stack (Elasticsearch, Logstash, Kibana), built as a Docker trusted build and published to the public Docker Registry.

Image Tags

$ docker images

REPOSITORY          TAG                 VIRTUAL SIZE
blacktop/elk        latest              757   MB
blacktop/elk        4.2-beta            829   MB
blacktop/elk        3                   542   MB

Installation

  1. Install Docker.

  2. Pull the trusted build from the public Docker Registry: docker pull blacktop/elk

Alternatively, build an image from Dockerfile

$ docker build -t blacktop/elk github.com/blacktop/docker-elk

Usage

$ docker run -d --name elk -p 80:80 -p 9200:9200 blacktop/elk

Now navigate to $(docker inspect -f '{{ .NetworkSettings.IPAddress }}' elk)

Note that -p 9200:9200 publishes Elasticsearch's HTTP API on every interface of the host, and Elasticsearch itself does not authenticate requests; only the web front end on port 80 sits behind the basic-auth prompt described under Example Usage. If the host is reachable from other machines, bind the port to loopback instead (-p 127.0.0.1:9200:9200), or omit the mapping entirely if only Kibana inside the container needs to reach Elasticsearch.

To Run on OSX

$ brew install caskroom/cask/brew-cask
$ brew cask install virtualbox
$ brew install docker
$ brew install docker-machine
$ docker-machine create --driver virtualbox dev
$ eval $(docker-machine env dev)

If you are using docker-machine

Navigate to $(docker-machine ip dev)

As a convenience you can add the docker-machine IP to your /etc/hosts file:

$ echo $(docker-machine ip dev) dockerhost | sudo tee -a /etc/hosts

Now you can navigate to http://dockerhost from your host

Example Usage

Let us index some data into Elasticsearch so we can try it out. To do this you can run config/test_index.py, which contains the following code (replace <docker.container.ip> with the container or docker-machine IP; when no port is given in the URL the client connects to 9200):

from datetime import datetime
from elasticsearch import Elasticsearch

# Client for the container's Elasticsearch; no port in the URL means 9200
es = Elasticsearch(['http://<docker.container.ip>'])

# Index 10000 identical tweets, one request each, stamped with the local time
for i in range(10000):
    doc = {'author': 'kimchy', 'text': 'Elasticsearch: cool. bonsai cool.', 'timestamp': datetime.now()}
    res = es.index(index="test-index", doc_type='tweet', id=i, body=doc)
    # print(res['created'])

# Fetch one document back by id
res = es.get(index="test-index", doc_type='tweet', id=1)
print(res['_source'])

# Make the new documents visible to search before querying
es.indices.refresh(index="test-index")

res = es.search(index="test-index", body={"query": {"match_all": {}}})
print("Got %d Hits:" % res['hits']['total'])
for hit in res['hits']['hits']:
    print("%(timestamp)s %(author)s: %(text)s" % hit["_source"])

  • Navigate to the docker-machine IP or container IP in a web browser.

  • You will be prompted for a username and password, which default to:

  • user: admin

  • password: admin

    These are the stock credentials of the web front end; change them before the container is reachable from anything but your own machine.

  • Now enter test-index in the index field and select timestamp as the time field.

  • Go to the Discover Tab and see those absolutely gorgeous logs!

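As an added example (not code from this repository or from blacktop/docker-elk), here is the same exercise done the way you would for 10000 documents: one bulk request instead of 10000 single index calls, UTC timestamps with an explicit offset so Kibana's time picker lines up with what was indexed, and a range query over the timestamp field instead of match_all. It assumes the elasticsearch Python client that config/test_index.py already uses, and that the container's port 9200 is reachable at the address in the ELK_HOST environment variable (a name chosen for this example, defaulting to 127.0.0.1). The pure functions build the request bodies; only index_and_search and the __main__ block touch the network.

```python
"""Bulk-index sample tweets into the ELK container and query them back.

Added example, not part of the docker-elk repository.  Assumes the
`elasticsearch` Python client and an Elasticsearch reachable on port 9200
at ELK_HOST (environment variable assumed here, default 127.0.0.1).
"""
import os
from datetime import datetime, timedelta, timezone

INDEX = "test-index"
DOC_TYPE = "tweet"


def build_docs(count, start=None, step_seconds=60):
    """Yield (id, document) pairs with timezone-aware UTC timestamps.

    Kibana treats a timestamp without a zone as UTC, so a naive
    datetime.now() on a non-UTC host shifts every event by the local
    offset.  Documents are spaced step_seconds apart, ending at `start`
    plus count steps (by default: ending roughly now), so the Discover
    histogram has a spread of events to draw rather than one spike.
    """
    if start is None:
        start = datetime.now(timezone.utc) - timedelta(seconds=count * step_seconds)
    for i in range(count):
        yield i, {
            "author": "kimchy",
            "text": "Elasticsearch: cool. bonsai cool.",
            "timestamp": (start + timedelta(seconds=i * step_seconds)).isoformat(),
        }


def bulk_actions(count, start=None):
    """Translate build_docs() output into elasticsearch.helpers.bulk actions."""
    return [
        {"_index": INDEX, "_type": DOC_TYPE, "_id": doc_id, "_source": doc}
        for doc_id, doc in build_docs(count, start)
    ]


def range_query(since, until=None):
    """Search body limited to a timestamp window, newest first."""
    window = {"gte": since.isoformat()}
    if until is not None:
        window["lte"] = until.isoformat()
    return {
        "query": {"range": {"timestamp": window}},
        "sort": [{"timestamp": {"order": "desc"}}],
    }


def index_and_search(es, count=10000):
    """Bulk-index `count` docs, refresh, and return hits from the last hour."""
    from elasticsearch import helpers

    indexed, _errors = helpers.bulk(es, bulk_actions(count))
    # A refresh is still needed before the new documents are searchable
    es.indices.refresh(index=INDEX)
    since = datetime.now(timezone.utc) - timedelta(hours=1)
    res = es.search(index=INDEX, body=range_query(since))
    return indexed, res["hits"]["hits"]


if __name__ == "__main__":
    from elasticsearch import Elasticsearch

    host = os.environ.get("ELK_HOST", "127.0.0.1")  # assumed variable name
    es = Elasticsearch(["http://%s:9200" % host])
    indexed, hits = index_and_search(es)
    print("indexed %d documents, %d hits in the last hour" % (indexed, len(hits)))
    for hit in hits[:5]:
        print("%(timestamp)s %(author)s: %(text)s" % hit["_source"])
```

With the container running, `ELK_HOST=$(docker-machine ip dev) python bulk_index.py` (or the container IP from docker inspect) indexes the same 10000 documents in a few seconds, and the time-range step shows up in Kibana once test-index is selected with timestamp as the time field.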

Todo

  • Install/Run ELK
  • Start Daemon and watch folder with supervisord
  • Expose Logstash config folder as well as Nginx sites folder as Volumes
  • Integrate with Bro-IDS
