Dockerfile creating ELK services (Elasticsearch/Logstash/Kibana)
Please use at least 2GB of RAM for this one... See #16
It's available on hub.docker.com, just pull it:
docker pull qnib/elk
It will
- connect to consul, if available
- start sshd
- start logstash
- start diamond
- start StatsD
- start elasticsearch
- start nginx (kibana3)
- start kibana4
How to use kibana3 and kibana4 is covered in this 'hello world' blog post.
To get the most out of it, a carbon container might be added, but this raises the question of whether to go even further and distribute all the services.
If you forward syslog from rsyslogd, you might encounter a mismatch between UTC and CET. To fix this, use the following configuration:
# Provide a proper time format to fix the UTC/CET mismatch
$template forward_template,"<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%"
*.* @@127.0.0.1:5514;forward_template
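The following is an added example, not part of this image or its Logstash configuration. It parses a line in the layout that forward_template produces and shows the one-hour skew that appears when a classic zoneless stamp is read as UTC. The sample line, the host name web01, the year 2015 and the assumption that the receiver treats zoneless stamps as UTC are all constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Layout produced by forward_template: <PRI>RFC3339-timestamp hostname tag+msg
LINE_RE = re.compile(r"^<(\d{1,3})>(\S+) (\S+) (.*)$")

def parse_forwarded(line):
    """Parse one forward_template line and normalise its timestamp to UTC."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError("not in forward_template layout")
    pri, ts, host, rest = m.groups()
    pri = int(pri)
    if pri > 191:  # highest valid PRI: facility 23, severity 7
        raise ValueError("PRI out of range")
    when = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    if when.tzinfo is None:
        # Without an offset the event cannot be placed on a shared timeline.
        raise ValueError("timestamp carries no UTC offset")
    return {
        "facility": pri >> 3,
        "severity": pri & 7,
        "host": host,
        "utc": when.astimezone(timezone.utc),
        "rest": rest,
    }

def naive_as_utc(stamp, year):
    """Read a classic 'Mmm dd hh:mm:ss' stamp as UTC (assumed receiver behaviour)."""
    parsed = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    return parsed.replace(tzinfo=timezone.utc)

# Constructed sample: the same event sent from a host on CET (UTC+01:00).
RFC3339_LINE = ("<38>2015-01-15T14:03:21.123456+01:00 web01 sshd[4242]: "
                "Failed password for invalid user admin from 192.0.2.10 port 51234 ssh2")
LEGACY_STAMP = "Jan 15 14:03:21"

def skew_seconds():
    """Difference between the assumed-UTC reading and the true event time."""
    true_utc = parse_forwarded(RFC3339_LINE)["utc"].replace(microsecond=0)
    return (naive_as_utc(LEGACY_STAMP, 2015) - true_utc).total_seconds()

if __name__ == "__main__":
    print(parse_forwarded(RFC3339_LINE))
    print("skew without offset:", skew_seconds(), "s")
```

A skew like this matters when correlating the forwarded events with logs from other sources during an investigation, since every rsyslog event would appear one hour late.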