https://github.com/bachng2017/renat-stats
ELK stack with predefined dashboard for RENAT project
- Host: GitHub
- URL: https://github.com/bachng2017/renat-stats
- Owner: bachng2017
- Created: 2019-06-09T15:36:59.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2019-08-08T13:59:11.000Z (almost 7 years ago)
- Last Synced: 2025-02-12T23:45:12.263Z (over 1 year ago)
- Topics: docker-compose-files, renat
- Language: Shell
- Size: 179 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
renat-stats is an ELK docker-compose stack with a predefined dashboard to track your renat scenarios.

## Prepare the renat server to send data to this stack
The official renat container already comes with this ability. If you installed the renat server on your own, follow these steps to send data to the renat-stats stack.
1. Add the ELK 7.1 repository in `/etc/yum.repos.d/elasticsearch.repo`
```
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
```
2. Install ELK filebeat
```
$ yum install -y filebeat rsyslog
```
3. Configure the rsyslog service by editing `/etc/rsyslog.conf`
```
local5.* /var/log/renat/renat.log
```
4. Configure the filebeat service by editing `/etc/filebeat/filebeat.yml` to have at least these settings
```yaml:filebeat.yml
filebeat.inputs:
- type: log
  paths:
    - /var/log/renat/renat.log
    - /var/log/renat.log
  fields:
    service: renat
output.logstash:
  # <logstash_ip> is a placeholder, replace it before use
  hosts: ["<logstash_ip>:5044"]
```
where `<logstash_ip>` is the logstash IP of the stack. If the renat container is running within the same docker network, it can be just `logstash`.
5. Restart the services
```
$ systemctl restart filebeat
$ systemctl restart rsyslog
```
and confirm the status of the services
```
$ systemctl status filebeat
$ systemctl status rsyslog
```
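To check the sender-side setup from the steps above, the following added example (not part of the renat-stats repository; all function names are hypothetical) statically checks the two edited files, then `live_check` sends a marker through `local5` and runs filebeat's own `test config` and `test output` subcommands. It assumes the double-quoted `hosts` form shown above.

```sh
#!/bin/sh
# Added example, not part of renat-stats. Function names are hypothetical.

# Succeeds if rsyslog routes facility local5 to the renat log file.
check_rsyslog() {
    grep -Eq '^[[:space:]]*local5\.\*[[:space:]]+-?/var/log/renat/renat\.log[[:space:]]*$' "$1"
}

# Returns 0 if OK, 1 if the log path is not an input, 2 if there is no
# logstash output, 3 if the output host is empty or not on port 5044.
check_filebeat() {
    grep -Eq '^[[:space:]]*-[[:space:]]+/var/log/renat/renat\.log[[:space:]]*$' "$1" || return 1
    grep -Eq '^output\.logstash:' "$1" || return 2
    grep -Eq '^[[:space:]]+hosts:[[:space:]]*\[[[:space:]]*"[^":]+:5044"' "$1" || return 3
}

# Static check of both files; defaults are the paths used in the steps above.
check_renat_sender() {
    rsyslog_conf=${1:-/etc/rsyslog.conf}
    filebeat_yml=${2:-/etc/filebeat/filebeat.yml}
    rc=0
    check_rsyslog "$rsyslog_conf" || {
        echo "FAIL: no 'local5.* /var/log/renat/renat.log' rule in $rsyslog_conf" >&2; rc=1; }
    fb=0
    check_filebeat "$filebeat_yml" || fb=$?
    case $fb in
        1) echo "FAIL: /var/log/renat/renat.log is not a filebeat input path" >&2; rc=1 ;;
        2) echo "FAIL: output.logstash is missing" >&2; rc=1 ;;
        3) echo "FAIL: logstash host is empty or not on port 5044" >&2; rc=1 ;;
    esac
    return $rc
}

# Live check on the renat server (run as root after restarting both services):
# write a marker through local5 and confirm it reaches the file filebeat tails,
# then let filebeat validate its own config and its connection to logstash.
live_check() {
    marker="renat-stats-check-$$"
    logger -p local5.info -t renat-check "$marker"
    sleep 2
    grep -q "$marker" /var/log/renat/renat.log || { echo "FAIL: marker not logged" >&2; return 1; }
    filebeat test config -c /etc/filebeat/filebeat.yml && filebeat test output -c /etc/filebeat/filebeat.yml
}
```

Run `check_renat_sender` with no arguments to check the installed files, or pass copies of `rsyslog.conf` and `filebeat.yml` as the two arguments.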
## Using the renat-stats
1. Clone the stack from git repository
```
$ git clone http://10.128.3.50/gitlab/bachng/renat-stats.git
```
2. Initialize and start the stack
This will bring up the stack and push the dashboard configuration.
```
$ cd renat-stats
$ ./init.sh
```
The running stack will have a docker network called ``renat`` that connects all the ELK components.
*Note*: this will clear all existing data in the stack
3. Stop and remove the stack
```
$ ./stop.sh
```
The ELK data will remain in `./elasticsearch/data`