/elk-stack-docker

A simple Docker Compose setup to bring up the ELK stack, explore how it works, and put everything together. Oh, I also used a simple app to try it out.

Primary language: Python. License: MIT.

ELK Stack: Docker Compose

Requirements

  • Docker
  • Docker Compose CLI
  • Python 3.10+
  • Pip

Start the log application

# create a virtual environment
python -m venv venv
source venv/bin/activate
pip install faker

# run app
python log_generator.py

What does it do?

It creates a file in the repository root containing fake logs. Filebeat collects them and sends them to Logstash, which parses them and writes them to Elasticsearch. Finally, you can see everything in Kibana.

Running Stack

After that, just for this exploration, copy the contents of logs.log into noSpoon.log and run the following command:

docker-compose up -d

Access Kibana

Go to your web browser and paste the URL: http://localhost:5601/

And taram! Kibana is working. Now let's configure our new index pattern.

In the Kibana UI, go to:

  • Stack Management > Index Management
    • Check whether an index called filebeat-7.17* exists
    • If yes, go ahead...
  • Now go to: Index Patterns > Create an Index Pattern > Write fi*
    • In the drop-down, select @timestamp and create it.
  • Now, go ahead to Discover and see if everything works (your logs are there \o/)
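The index check from the first step can also be done from a terminal before opening Kibana. This is an added example, not part of this repository: it assumes the compose file publishes Elasticsearch on its default port 9200 on localhost without authentication, and the function names are made up for illustration.

```python
"""Added example: confirm Filebeat data reached Elasticsearch."""
import fnmatch
import json
import sys
import urllib.request

# Assumption: Elasticsearch is published on its default port without
# authentication; adjust the URL if your compose file differs.
ES_URL = "http://localhost:9200"
PATTERN = "filebeat-7.17*"  # index name the README says to look for


def fetch_indices(es_url=ES_URL):
    """Return the _cat/indices listing as a list of dicts."""
    url = f"{es_url}/_cat/indices?format=json&h=index,health,docs.count"
    with urllib.request.urlopen(url, timeout=5) as resp:
        return json.load(resp)


def ingested_indices(rows, pattern=PATTERN):
    """Map matching index names to document counts, skipping empty ones."""
    found = {}
    for row in rows:
        name = row.get("index", "")
        count = int(row.get("docs.count") or 0)  # null for closed indices
        if fnmatch.fnmatchcase(name, pattern) and count > 0:
            found[name] = count
    return found


if __name__ == "__main__":
    try:
        rows = fetch_indices()
    except OSError as exc:  # connection refused, timeout, HTTP error
        sys.exit(f"Elasticsearch not reachable at {ES_URL}: {exc}")
    hits = ingested_indices(rows)
    if not hits:
        sys.exit(f"no non-empty index matches {PATTERN}; check Filebeat and Logstash")
    for name, count in sorted(hits.items()):
        print(f"{name}: {count} documents")
```

A non-zero exit means either the stack is not up yet or no log lines have made it through Filebeat and Logstash.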

That's it! Happy fun.