{"id":20716452,"url":"https://github.com/mvladislav/docker-elastic","last_synced_at":"2026-04-13T01:06:52.798Z","repository":{"id":151662965,"uuid":"405934971","full_name":"MVladislav/docker-elastic","owner":"MVladislav","description":"Elastic - Docker - Swarm - Trafik - Deploy","archived":false,"fork":false,"pushed_at":"2022-11-25T03:30:11.000Z","size":2734,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-17T22:11:50.539Z","etag":null,"topics":["apm-server","docker","docker-compose","docker-swarm","elastic","elastic-agent","elasticsearch","logstash","traefik-v2"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MVladislav.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-13T10:54:37.000Z","updated_at":"2022-11-25T02:52:03.000Z","dependencies_parsed_at":"2024-01-16T16:31:54.998Z","dependency_job_id":null,"html_url":"https://github.com/MVladislav/docker-elastic","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MVladislav%2Fdocker-elastic","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MVladislav%2Fdocker-elastic/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MVladislav%2Fdocker-elastic/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MVladislav%2Fdocker-elastic/manifest
s","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MVladislav","download_url":"https://codeload.github.com/MVladislav/docker-elastic/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242989270,"owners_count":20217756,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apm-server","docker","docker-compose","docker-swarm","elastic","elastic-agent","elasticsearch","logstash","traefik-v2"],"created_at":"2024-11-17T03:05:50.010Z","updated_at":"2026-04-13T01:06:47.745Z","avatar_url":"https://github.com/MVladislav.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Elastic - SIEM - Docker - Deploy\n\n```sh\n  MVladislav\n```\n\n---\n\n- [Elastic - SIEM - Docker - Deploy](#elastic---siem---docker---deploy)\n  - [about](#about)\n  - [info to run all](#info-to-run-all)\n  - [other](#other)\n    - [best practice start-up](#best-practice-start-up)\n    - [production](#production)\n\n---\n\n## about\n\nthis repo is used to deploy **elasticsearch** with **kibana** as **SIEM**\n\u003e _with **swarm** and **traefik** support_\n\n- then deploy\n  - **elastic-agent** for handle device integration to collect logs\n  - **winlog-beats** with **sysmon** on windows clients\n  - **opnsense** with **zenarmor** and **syslog**\n\n- \\+ deploy **logstash** from [pfelk](https://github.com/pfelk/pfelk)\n- \\+ deploy **logstash** with [helk](https://github.com/Cyb3rWard0g/HELK)\n  \u003e some files copied from this repo\n\n---\n\n## info to run all\n\n\u003e cd into every folder (you need to 
run) and run the following command in the correct folder.\n\u003e\n\u003e do not forget to create `.env` files and `cp` conf templates (described in READMEs).\n\n```sh\n$ docker-swarm-compose elasticsearch\n$ docker-swarm-compose kibana\n$ docker-swarm-compose logstash\n$ docker-swarm-compose elastic-agent\n$ docker-swarm-compose apm\n$ docker-swarm-compose filebeat\n```\n\n---\n\n## other\n\n### best practice start-up\n\nuse docker-swarm to manage and start containers.\n\nfor that, the following is defined in each service:\n\n```yml\nservices:\n  ...:\n    ...\n    deploy:\n      mode: replicated\n      replicas: 1\n      placement:\n        max_replicas_per_node: 1\n        constraints:\n          # - \"node.id==${NODE_ID}\"\n          - \"node.role==${NODE_ROLE}\"\n      restart_policy:\n        condition: on-failure\n    ...\n    ports:\n      - target: ...\n        published: ...\n        mode: host\n```\n\nto start this configuration with all features supported between docker stack and docker-compose,\nrun it with the following command:\n\n```sh\n$ docker-compose config | docker stack deploy --compose-file - \u003cSTACK_NAME\u003e\n```\n\nor directly create an alias for it:\n\n```sh\n$ alias docker-swarm-compose=\"docker-compose config | docker stack deploy --compose-file -\"\n```\n\nand run:\n\n```sh\n$ docker-swarm-compose \u003cSTACK_NAME\u003e\n```\n\n---\n\n### production\n\nrun the following on the host system:\n\n```sh\n$ sysctl -w vm.max_map_count=262144\n```\n\n---\n\n**☕ COFFEE is a HUG in a MUG ☕**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmvladislav%2Fdocker-elastic","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmvladislav%2Fdocker-elastic","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmvladislav%2Fdocker-elastic/lists"}