Skip to content

ypereirareis/docker-logstash-forwarder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

1.0

1.0

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

Repository files navigation

Docker Logstash Forwarder

A Docker image with logstash forwarder and default configurations:

Config Default value
Logstash host:port elk:5000
SSL domain elk

SSL

Logstash use SSL certificates to secure data transfer. Default certificates are included in the built image. The default certificate is available in the ssl directory.

The embedded certificate ./ssl/logstash-forwarder.crt works with elk as domain name.

If it does not fit to your needs, feel free to create a new one and add a volume pointing to /etc/ssl/logstash-forwarder.crt

sudo openssl req -x509 -nodes -newkey rsa:2048 \
    -keyout logstash-forwarder.key -out logstash-forwarder.crt

Be careful, the certificate must match the certificate used by your logstash server/container.

Link with ELK

By default the ELK service can be reached with the elk domain on port 5000:

{
    "network": {
        "servers": [ "elk:5000" ],
        "ssl ca": "/etc/ssl/logstash-forwarder.crt"
    },
    ...
}

Add a link option when starting your logstash forwarder container:

  • Docker
docker run --link dockerelk_elk_1:elk ypereirareis/logstash-forwarder
  • Docker Compose
forwarder:
  ...
  external_links:
    - dockerelk_elk_1:elk

Log files forwarding

  • Docker
docker run \
    -v PATH_TO_HOST_ERROR_ACCESS_APACHE_DIR/:/var/log/forwarder/apache \
    -v PATH_TO_HOST_ERROR_ACCESS_NGINX_DIR:/var/log/forwarder/nginx \
    -v PATH_TO_HOST_SYMFONY_DEV_PROD_DIR/:/var/log/forwarder/symfony \
    --link dockerelk_elk_1:elk \
    ypereirareis/logstash-forwarder
  • Docker Compose
forwarder:
  build: .
  volumes:
    - PATH_TO_HOST_ERROR_ACCESS_APACHE_DIR/:/var/log/forwarder/apache
    - PATH_TO_HOST_SYMFONY_DEV_PROD_DIR/:/var/log/forwarder/nginx
    - PATH_TO_HOST_ERROR_ACCESS_NGINX_DIR/:/var/log/forwarder/symfony
  external_links:
    - dockerelk_elk_1:elk

Log files configurations

A default config file is embedded in the docker image:

{
    "network": {
        "servers": [ "elk:5000" ],
        "ssl ca": "/etc/ssl/logstash-forwarder.crt"
    },
    "files": [
        {
            "paths":  [ "/var/log/forwarder/nginx/access.log" ],
            "fields": { "type": "nginx-access" }
        },
        {
            "paths":  [ "/var/log/forwarder/nginx/error.log" ],
            "fields": { "type": "nginx-error" }
        },
        {
            "paths":  [ "/var/log/forwarder/apache/access.log" ],
            "fields": { "type": "apache-access" }
        },
        {
            "paths":  [ "/var/log/forwarder/apache/error.log" ],
            "fields": { "type": "apache-error" }
        },
        {
            "paths":  [ "/var/log/forwarder/symfony/logs/dev.log" ],
            "fields": { "type": "symfony_dev" }
        },
        {
            "paths":  [ "/var/log/forwarder/symfony/logs/prod.log" ],
            "fields": { "type": "symfony_prod" }
        }
    ]
}

If it does not fit to your needs, feel free to create a new one and add a volume pointing to /etc/logstash-forwarder/config.json

About

A Docker image with logstash forwarder

hub.docker.com/r/ypereirareis/logstash-forwarder/

Resources

Readme
Activity

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages