algorand-to-elk
Starting the ELK Stack using the Docker-Compose file
- Intall Docker Compose
- While in this repository's folder, run
docker-compose up - To stop the container while keeping the contents for next time the container runs, run
docker-compose stop- To wipe the contents of the container and delete it, run
docker-compose down
- To wipe the contents of the container and delete it, run
Configuring Logstash in the ELK container
- Place
algo-logs.confin the/etc/logstash/conf.d/directory in the ELK container.- To get a bash shell in the ELK container, run
docker exec -it <container name> bash - Ensure no other configurations in the
/etc/logstash/conf.ddirectory are using the same port asalgo-logs.conf.
- To get a bash shell in the ELK container, run
Configuring Filebeat on the Algorand node server
- Install Filebeat on the server running the Algorand node.
- Place
filebeat.ymlin the/etc/filebeat/directory on the Algorand node. - Create a service for Filebeat to run on boot for the server.
Configuring the Kibana instance
- Once the service is created and running, navigate to the URL of Kibana on the ELK Container.
- If running locally on the Algorand node, it is
localhost:5601
- If running locally on the Algorand node, it is
- Once the Elastic page has loaded, create an index pattern.
- Search
index patternin the Elastic search bar at the top center of the page. - Name the index pattern as
algorand*. - Use the custom index pattern ID of
23d30fa0-660f-11ec-8f1b-ff4528ad4930under advanced settings. 
- Search
- Import the dashboard (
dashboard-to-import.ndjson).- Use curl to do so via Kibana's API
curl -X POST localhost:5601/api/saved_objects/_import -H "kbn-xsrf: true" --form file=@dashboard-to-import.ndjson
- Use curl to do so via Kibana's API
