Repository Information

Builds a Docker container running Logstash ready for use. Provisioning provided via Ansible.

How-To

Build

docker build -t ansible-logstash .

Consume

Default

docker run -d -p 5044:5044 -p 10514:10514 -p 10514:10514/udp mrlesmithjr/logstash

Consume using docker-compose (Spins up Elasticsearch with persistent volume/data and a working Logstash instance)

docker-compose up -d

Logstash configuration

The following logstash.conf is included and used during startup of the container.

input {
  beats {
    port => 5044
  }
}

input {
  tcp {
    type => "syslog"
    port => "10514"
  }
}

input {
  udp {
    type => "syslog"
    port => "10514"
  }
}

output {
  elasticsearch {
    hosts => ["http://elasticsearch:9200"]
  }
}

This is configured for Beats input TCP/5044, syslog input TCP/10514, syslog input UDP/10514 and Elasticsearch output http://elasticsearch:9200.

Configure your clients to send syslog using TCP/10514. Example Linux rsyslog configuration would be configured as *.* @@HostOrIP:10514

License

BSD

Author Information

Larry Smith Jr.

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
config		config
.gitignore		.gitignore
Dockerfile		Dockerfile
README.md		README.md
docker-compose.yml		docker-compose.yml
docker-entrypoint.sh		docker-entrypoint.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Repository Information

How-To

Logstash configuration

License

Author Information

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Repository Information

How-To

Logstash configuration

License

Author Information

About

Resources

Code of conduct

Contributing

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages