Failed to load latest commit information.


The ELK stack is traditionally composed of Elasticsearch, Logstash, and Kibana and is a great solution for collecting, searching, and visualizing logs. In this example, we are configuring a docker-based ELK stack. However, since this is a single-node demonstration, we are using Filebeat instead of Logstash for the log collection component.



Just run vagrant up!

After Vagrant provisioning completes, you should have a working Kibana instance backed by Elasticsearch. Filebeat is installed on the Vagrant host and is configured to send logs to Elasticsearch. You should be able to access the Kibana web interface at http://localhost:5601.

Terraform (AWS)

You must have a version of the Converge Terraform provisioner built and configured as a plugin for Terraform:

$ cat ~/.terraformrc
provisioners {
  converge = "/path/to/terraform-provisioner-converge"

You must have also set valid AWS credentials (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY) in your environment. Then you can run:

terraform apply

After provisioning completes, you should be able to retrieve the url for the Kibana interface by running:

echo "http://$(terraform output ip):5601/"


This is the visualization of the graph that Converge applies to the system.

elk graph


When deploying via Terraform, Kibana will be publicly accessible on port 5601 without authentication. You can adjust the security group in to change this behavior.