Introduction
Code on Github: Elasticsearch + Docker
We will setup Elasticsearch, Kibana, beats, and Logstash with Docker Compose.
This video assumes you already know how to setup Elasticsearch, Kibana, Beats, and Logstash without using a Container. If not then you can go here.
Requirements
- A new instance of Linux machine like Ubuntu 20.04 to act as the Server
- Docker and Docker-Compose Installed
Step 1 - Get the Codes [02:15]
Initialize a new git repository.
git init;
git remote add origin https://github.com/evermight/elastic-stack-docker-part-one.git;
git fetch -a;
git checkout main
List out all files in the directory.
ls -alh
Build with the below docker compose command.
docker-compose up --build -d
Get the IP address of your server for it will be used as the url to the docker containers.
hostname -i
Visit Kibana page with http://<YOUR IP ADDRESS>:5601.
Then login with the elastic username and password present at the .env file
username: elastic
password: changeme
Kibana Login page
Step 2 - Confirm Metricbeat Success [06:50]
Go to Observability > Overview, and scroll down to the host section. You should see a similar result as below to confirm that metricbeats container is publishing result to Kibana.
Metricbeat Success
Step 3 - Confirm Filebeat Success [07:03]
Go to Observability > Discover, and click on create data view. You should fill in the details as shown in the image below:
Create Data View
And click save. You will see something similar to the below image, which confirms that filebeat works successfully:
Filebeat Success
To add another log file for filebeat to ingest, follow the below steps:
cp /var/log/cron /filebeat_ingest_data/cron.log
Step 4 - Confirm Logstash Success [09:21]
Go to Stack Management > Index Management, and check if Logstash is available. If Logstash is not available you will see something similar to the image below:
Logstash Presence confirmation
Got to your server terminal and run the below command:
cd logstash_ingest_data
vi test.log
and write in the text as shown in the image below, into the file:
Add a log into a test.log file for Logstash
Go to Stack Management > Index Management, and reload it. You should see something similar to the image below, which confirms that logstash has picked up the test.log file:
Logstash Indices Created