{"id":911,"date":"2020-01-21T12:32:44","date_gmt":"2020-01-21T10:32:44","guid":{"rendered":"https:\/\/www.rocworks.at\/wordpress\/?p=911"},"modified":"2020-01-22T17:34:04","modified_gmt":"2020-01-22T15:34:04","slug":"store-docker-logs-in-elasticsearch-with-filebeat","status":"publish","type":"post","link":"https:\/\/www.rocworks.at\/wordpress\/?p=911","title":{"rendered":"Store Docker Logs in Elasticsearch with Filebeat…"},"content":{"rendered":"\n

Create a filebeat configuation file named “filebeat.yaml”<\/h2>\n\n\n\n
filebeat.config:\n  modules:\n    path: ${path.config}\/modules.d\/*.yml\n    reload.enabled: false\n\nfilebeat.autodiscover:\n  providers:\n    - type: docker\n      hints.enabled: true\n\nprocessors:\n- add_cloud_metadata: ~\n\nsetup.ilm:\n  enabled: false\n\noutput.elasticsearch:\n  hosts: '${ELASTICSEARCH_HOSTS:elasticsearch:9200}'\n  username: '${ELASTICSEARCH_USERNAME:}'\n  password: '${ELASTICSEARCH_PASSWORD:}'<\/code><\/pre>\n\n\n\n
Create a docker-compose.yaml file<\/h2>\n\n\n\n
version: '3.0'\nservices:\n  elasticsearch:\n    hostname: elasticsearch\n    image: elasticsearch:7.5.0\n    ports:\n      - 9200:9200\n      - 9300:9300\n    volumes:\n      - esdata:\/usr\/share\/elasticsearch\/data\n    environment:\n      - discovery.type=single-node\n      - \"ES_JAVA_OPTS=-Xms512m -Xmx512m\"\n  kibana: \n    hostname: kibana\n    image: kibana:7.5.0\n    ports: \n      - 5601:5601\n    depends_on:\n      - elasticsearch        \n    environment:\n      - XPACK_MONITORING_ENABLED=false\n      - LOGGING_QUIET=true\n  filebeat:\n    user: root\n    hostname: filebeat\n    image: docker.elastic.co\/beats\/filebeat:7.5.1\n    command: filebeat -e -strict.perms=false\n    volumes:\n      - .\/filebeat.yaml:\/usr\/share\/filebeat\/filebeat.yml\n      - \/var\/lib\/docker\/containers:\/var\/lib\/docker\/containers:ro\n      - \/var\/run\/docker.sock:\/var\/run\/docker.sock:ro\n    environment:\n      - output.elasticsearch.hosts=[\"elasticsearch:9200\"]\n    depends_on:\n      - elasticsearch\nvolumes: \n  esdata:<\/code><\/pre>\n\n\n\n
Startup the docker containers <\/h2>\n\n\n\n
docker-compuse up -d<\/p>\n\n\n\n
Then you can access the logs via Kibana in the browser: http:\/\/localhost:5601\/<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Create a filebeat configuation file named “filebeat.yaml” Create a docker-compose.yaml file Startup the docker containers docker-compuse up -d Then you can access the logs via Kibana in the browser: http:\/\/localhost:5601\/<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,34,12],"tags":[],"class_list":["post-911","post","type-post","status-publish","format-standard","hentry","category-allgemein","category-docker","category-linux"],"_links":{"self":[{"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/911","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=911"}],"version-history":[{"count":4,"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/911\/revisions"}],"predecessor-version":[{"id":920,"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/911\/revisions\/920"}],"wp:attachment":[{"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=911"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=911"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rocworks.at\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}