{"id":13753301,"url":"https://github.com/xeraa/vagrant-elastic-stack","last_synced_at":"2025-08-02T07:10:24.157Z","repository":{"id":139656674,"uuid":"54931808","full_name":"xeraa/vagrant-elastic-stack","owner":"xeraa","description":"Giving the Elastic Stack a try in Vagrant","archived":false,"fork":false,"pushed_at":"2019-07-02T14:28:17.000Z","size":1820,"stargazers_count":140,"open_issues_count":3,"forks_count":45,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-04-11T22:22:51.728Z","etag":null,"topics":["ansible","auditbeat","docker","elasticsearch","filebeat","heartbeat","kibana","logstash","metricbeat","mongodb","nginx","ova","ova-image","packetbeat","redis","vagrant"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xeraa.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-03-28T23:55:05.000Z","updated_at":"2025-01-03T21:45:11.000Z","dependencies_parsed_at":"2023-07-23T08:45:59.828Z","dependency_job_id":null,"html_url":"https://github.com/xeraa/vagrant-elastic-stack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/xeraa/vagrant-elastic-stack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xeraa%2Fvagrant-elastic-stack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xeraa%2Fvagrant-elastic-stack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xeraa%2Fvagrant-elastic-stack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xeraa%2Fvagrant-elastic-stack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xeraa","download_url":"https://codeload.github.com/xeraa/vagrant-elastic-stack/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xeraa%2Fvagrant-elastic-stack/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268348024,"owners_count":24236291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-02T02:00:12.353Z","response_time":74,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","auditbeat","docker","elasticsearch","filebeat","heartbeat","kibana","logstash","metricbeat","mongodb","nginx","ova","ova-image","packetbeat","redis","vagrant"],"created_at":"2024-08-03T09:01:19.907Z","updated_at":"2025-08-02T07:10:24.104Z","avatar_url":"https://github.com/xeraa.png","language":"Shell","funding_links":[],"categories":["Shell","vagrant"],"sub_categories":[],"readme":"# Elastic Stack in a Box\n\nThis repository will install the [Elastic Stack](https://www.elastic.co/products) (Elasticsearch, Logstash, Kibana, and Beats) and optionally start a trial of commercial features. You can either start from scratch and configure everything with [Vagrant and Ansible](#vagrant-and-ansible) or you can [download the final OVA image](#ova-image).\n\n\n\n## Features\n\n* Filebeat `system`, `auditd`, `logstash`, `mongodb`, `nginx`, `osquery`, and `redis` modules\n* Filebeat collecting Kibana JSON logs from `/var/log/kibana/kibana.log`\n* Auditbeat `file_integrity` module on `/home/vagrant/` directory and `auditd` module\n* Heartbeat pinging nginx every 10s\n* Metricbeat `system`, `docker`, `elasticsearch`, `kibana`, `logstash`, `mongodb`, `nginx` and `redis` modules\n* Packetbeat sending its data via Redis + Logstash, monitoring flows, ICMP, DNS, HTTP (nginx and Kibana), Redis, and MongoDB (generate traffic with `$ mongo /elastic-stack/mongodb.js`)\n* The pattern for nginx is already prepared in */opt/logstash/patterns/* and you can collect */var/log/nginx/access.log* with Filebeat and add a filter in Logstash with the pattern as an exercise\n\n![](screenshot.png)\n\n\n## Vagrant and Ansible\n\nDo a simple `vagrant up` by using [Vagrant](https://www.vagrantup.com)'s [Ansible provisioner](https://www.vagrantup.com/docs/provisioning/ansible.html). All you need is a working [Vagrant installation](https://www.vagrantup.com/docs/installation/) (2.2.4+ but the latest version is always recommended), a [provider](https://www.vagrantup.com/docs/providers/) (tested with the latest [VirtualBox](https://www.virtualbox.org) version), and 3GB of RAM.\n\nWith the [Ansible playbooks](https://docs.ansible.com/ansible/playbooks.html) in the */elastic-stack/* folder you can configure the whole system step by step. Just run them in the given order inside the Vagrant box:\n\n```sh\n\u003e vagrant ssh\n$ cd /elastic-stack/\n$ ansible-playbook 1_configure-elasticsearch.yml\n$ ansible-playbook 2_configure-kibana.yml\n$ ansible-playbook 3_configure-logstash.yml\n$ ansible-playbook 4_configure-auditbeat.yml\n$ ansible-playbook 4_configure-filebeat.yml\n$ ansible-playbook 4_configure-heartbeat.yml\n$ ansible-playbook 4_configure-metricbeat.yml\n$ ansible-playbook 4_configure-packetbeat.yml\n$ ansible-playbook 5_configure-dashboards.yml\n```\n\nOr if you are in a hurry, run all playbooks with `$ /elastic-stack/all.sh` at once.\n\n\n\n## OVA Image\n\nIf Vagrant and Ansible sound too complicated, there is also the final result: An OVA image, which you can import directly into [VirtualBox](https://www.virtualbox.org):\n\n* Download the image from [https://s3.eu-central-1.amazonaws.com/xeraa/public/elastic-stack.ova](https://s3.eu-central-1.amazonaws.com/xeraa/public/elastic-stack.ova).\n* Load the OVA file into VirtualBox and make sure you have 3GB of RAM available for it: **File** -\u003e **Import Appliance...** -\u003e Select the file and start it\n* Connect to the instance with the credentials `vagrant` and `vagrant` in the VirtualBox window.\n* Or use SSH with the same credentials:\n  * Windows: Use [http://www.putty.org](http://www.putty.org) and connect to `vagrant@127.0.0.1` on port 2222.\n  * Mac and Linux: `$ ssh vagrant@127.0.0.1 -p 2222 -o PreferredAuthentications=password`\n\n\n\n\n## Kibana\n\nAccess Kibana at [https://127.0.0.1:5601](https://127.0.0.1:5601).\n\n\n\n## Test Data\n\nYou can use */opt/injector.jar* to generate test data in the `person` index. To generate 100,000 documents in batches of 1,000 run the following command:\n\n```\n$ java -jar /opt/injector.jar 100000 1000\n```\n\n\n\n## Logstash Demo\n\nYou can play around with a Logstash example by calling `$ sudo /usr/share/logstash/bin/logstash --path.settings /etc/logstash -f /elastic-stack/raffle/raffle.conf` (it can take some time) and you will find the result in the `raffle` index.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxeraa%2Fvagrant-elastic-stack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxeraa%2Fvagrant-elastic-stack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxeraa%2Fvagrant-elastic-stack/lists"}