AWS CloudFormation templates for building log server instances.
Name | Version |
---|---|
Elasticsearch | 0.90.1 |
Logstash | 1.1.12 |
Kibana 3 | Master branch |
Nginx | Latest from RPM repositiory |
Name | Description | Default |
---|---|---|
KeyName | Name of an existing EC2 KeyPair to enable SSH access | ssh-ec2-instances |
NodeName | Name of the elasticsearch node | Lucky Luke |
ServerName | DNS name for the Kibana frontend | kibana.domain.com |
InstanceType | A valid EC2 instance type | m1.small |
VolumeSize | Volume size for each EBS volume in GB | 10GB |
AccessFrom | Restrict instance access to this address | 0.0.0.0/0 |
TopicEmail | The email to which critical errors should be sent |
For VPC instances there are two more parameters.
Name | Description |
---|---|
VpcId | VpcId of your existing Virtual Private Cloud (VPC) |
SubnetId | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) |
The template creates also a security group for the log server instance. The group has the following inbound connections enabled.
Protocol | Port | Range | Service | Description |
---|---|---|---|---|
TCP | 22 | The value for AccessFrom |
SSH | SSH access |
TCP | 80 | The value for AccessFrom |
HTTP | To access the Kibana3 frontend |
TCP | 5544 | The value for AccessFrom |
Logstash | To send log messages via Syslog |
UDP | 5544 | The value for AccessFrom |
Logstash | To send log messages via Syslog |
TCP | 9200 | The value for AccessFrom |
Elasticsearch | To send log messages via Logstash |
The single access permissions should be changed after the instance has been created. The initial settings are only available, to restrict the access to a secure network, during instance initialization.
The template creates a log file for the setup. If something goes wrong then disable the Rollback on Failure option in the Advanced options. Then look at the file /var/log/setup.log
for reasons why the creation failed.
See the wiki for additional logstash configurations.
This project is Open Source and released under the terms of the New BSD License.