1) Introduction
This is an ELK (Elasticsearch, Logstash, Kibana) setup used for monitoring all logs in one place.
2) Pre-requisite:
Java should be installed in order to set up ELK.
apt-get update
apt-get install default-jre
apt-get install default-jdk
add-apt-repository ppa:webupd8team/java
apt-get update
apt-get install oracle-java8-installer
# Edit /etc/environment and add the line below
vim /etc/environment
JAVA_HOME="/usr/lib/jvm/java-8-oracle"
source /etc/environment
echo $JAVA_HOME
This should reflect the path mentioned in the file.
# Java 8 takes a single dash here; --version is only accepted from Java 9 onwards
java -version
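3) Install Docker and Docker-compose
# On Ubuntu the Docker engine package is docker.io (the package named "docker" is an unrelated tool)
apt-get install docker.io
apt-get install docker-compose
systemctl start docker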
4) Git Clone the image
git clone https://github.com/deviantony/docker-elk.git
It will create a directory called docker-elk.
5) Editing the .yml files
If you are using custom ports, change them in the respective service configuration files as well as in the docker-compose.yml file.
Default ports:
9200 - Elasticsearch
5601 - Kibana
5044 - Logstash
6) Creating Containers
cd docker-elk
docker-compose up --build -d
It will take some time. You can then verify that the containers have been created:
docker ps
7) Web-page
Open the following pages in a browser:
<ip>:9200 - you must see a JSON response. This is the confirmation that Elasticsearch is installed correctly.
<ip>:5601 - you must see the Kibana page.
8) Setup of Beat agent on Client Side
Click on Logs -> Add data -> <type of logs you require> -> Select the OS -> Follow the instructions to install the agent.
9) Adding log paths
On the client side, after installing the Beat, go to its directory to add the log paths:
cd /etc/filebeat/modules.d
Edit the file:
vim nginx.yml
There are two sections, access and error. In each of them we can give the path of the logs we want to fetch into Kibana.
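The two sections described in step 9, as an added example that is not part of the original page. The log paths are assumptions (the default locations used by the Debian/Ubuntu nginx packages); replace them with the paths on your client.

```yaml
# /etc/filebeat/modules.d/nginx.yml
# If the file is still named nginx.yml.disabled, enable it first with:
#   filebeat modules enable nginx
- module: nginx
  # Access logs: one entry per HTTP request (client IP, method, URL, status)
  access:
    enabled: true
    # Assumed path; the trailing * also picks up rotated files
    var.paths: ["/var/log/nginx/access.log*"]

  # Error logs: upstream failures, denied requests, config problems
  error:
    enabled: true
    # Assumed path; the trailing * also picks up rotated files
    var.paths: ["/var/log/nginx/error.log*"]
```

After saving, `filebeat test config` checks the file for syntax errors and `systemctl restart filebeat` applies the change.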
--------------------------------------------------------------------------------------------------