-
Notifications
You must be signed in to change notification settings - Fork 14
/
logstashDocker.md
38 lines (33 loc) · 986 Bytes
/
logstashDocker.md
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Logstash Docker
Logstash - transport and process your logs, events, or other data
## Docker
```sh
docker run -d --name=logstash logstash:7.17.4
docker exec -it logstash /bin/bash
vi config/logstash.yml
xpack.monitoring.elasticsearch.url: http://192.168.1.103:9200
```
`vi pipeline/logstash.conf`
```
input {
tcp {
mode => "server"
host => "0.0.0.0"
port => 4560
codec => json_lines
}
}
output {
elasticsearch {
hosts => "es:9200"
index => "springboot-logstash-%{+YYYY.MM.dd}"
}
}
```
## Screenshots
![](https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltb5aad3a600b5091a/5ca6b1b3e2c6d6592e0b14da/screenshot-arcsight-network.jpg)
![](https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltf4648d9066ddf5da/5d27824e8d27ea11c3824290/diagram-logstash.svg)
## References
- [Logstash Docker](https://hub.docker.com/_/logstash)
- [Logstash GitHub](https://github.com/elastic/logstash)
- [Logstash](https://www.elastic.co/cn/logstash/)