Comments (2)
Hi and thanks for the kind words!
Here's what you need to do to use GELF logs with Logstash's GELF input plugin:
-
Create an input configuration file to enable Logstash's GELF input plugin. For instance, create a file named
03-gelf-input.conf
and containing the following empty configuration, which uses all the defaults:input { gelf {} }
-
Overwrite the default
30-output.conf
so that theindex
anddocument_type
configuration options in theelasticsearch
section don't make use of Beats-specific metadata. -
Extend the base image by creating a
Dockerfile
with contents similar to:FROM sebp/elk ADD ./03-gelf-input.conf /etc/logstash/conf.d/03-gelf-input.conf # TODO: add ADD directive to overwrite 30-output.conf as needed # expose GELF's default UDP port (12201) EXPOSE 12201/udp
-
Build the extended image.
-
Start a container from the extended image as you would ordinarily do, with the additional option
-p 12201:12201/udp
in order for the container publish GELF's default UDP port (12201).
You can now start another container using the GELF log driver, and you'll see its logs in Elasticsearch and Kibana.
As an example:
docker run -it --log-driver=gelf --log-opt gelf-address=udp://localhost:12201 alpine sh
will push every line of shell input and output to ELK.
Hope that helps.
from elk-docker.
Housekeeping: closing this issue, please feel free to reopen if needed.
from elk-docker.
Related Issues (20)
- Can't get Elk started HOT 7
- cannot add login page to kibana HOT 1
- How to use environment variable in 30-output.conf file HOT 2
- ELK fails to start on MAC M1 HOT 8
- Setting up APM question HOT 4
- Question: user authentication for https HOT 1
- Error in Security section HOT 1
- Issues installing on TrueNAS Scale HOT 1
- Update ELK to latest version (currently 8.3.3) HOT 4
- Issues running on AWS Fargate HOT 2
- Add sample docker-compose.yml with persistance + traefik configuration HOT 1
- example using image never starts as elasticsearch doesn't start HOT 1
- Kibana refuses connection, nothing in logs HOT 2
- filebeat x509 certificate signed by unknown authority when calling api endpoint HOT 1
- Kibana enrollement token
- Update ELK to 8.9.0 HOT 1
- Kibana 8.11.1 Security Update (ESA-2023-25) HOT 1
- want to move data from this running stack to another machine (arm64-amd64) how to
- how to disable the features that require a licence.
- Please update to 8.13.2 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elk-docker.