3 years ago

Category: logging, yaml

Log centralization is becoming a key aspect of a variety of IT tasks and provides you with an overview of your entire system. The best solution is to aggregate the logs from all containers, which is enriched with metadata so that it provides you with better traceability options and comes with awesome community support.

Inside docker_elk, create another directory for elasticsearch and create a Dockerfile and elasticsearch.yml files: Open elasticsearch.yml file in your preferred text editor and copy the configuration setting as it is: Note that you can set xpack.license.self_generated.type from basic to trial if you wish to evaluate the commercial feature of x-pack for 30 days. Open Dockerfile in your preferred text editor and copy the below-mentioned lines and paste it as it is: The command chown is to change the file owner to elasticsearch as of other files in container.

Here in elasticsearch reference you will find host, user and password, make sure you change the values as per your system: As you are through with the setup of your stack's components, the directory structure of your project should should look something like this: Now, it’s time to create a Docker Compose file, which will let you run the stack.