https://github.com/sohelamin/elk-stack
ELK Stack (Elasticsearch, Logstash & Kibana)
https://github.com/sohelamin/elk-stack
elasticsearch elk-stack filebeat kibana logstash
Last synced: 6 months ago
JSON representation
ELK Stack (Elasticsearch, Logstash & Kibana)
- Host: GitHub
- URL: https://github.com/sohelamin/elk-stack
- Owner: sohelamin
- License: mit
- Created: 2018-01-07T06:14:44.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2020-07-31T16:21:01.000Z (about 5 years ago)
- Last Synced: 2025-04-02T15:11:11.249Z (6 months ago)
- Topics: elasticsearch, elk-stack, filebeat, kibana, logstash
- Language: Shell
- Size: 92.8 KB
- Stars: 13
- Watchers: 2
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ELK Stack
## Using Linux
1. Run the script.
```
sudo chmod +x ELK.sh
./ELK.sh
```
2. Setup beat clients (eg. Filebeat) to your application server.
```
sudo chmod +x filebeat.sh
./filebeat.sh
```
3. Configure beat clients (eg. filebeat) output as logstash.
```
#----------------------------- Logstash output --------------------------------
output.logstash:
# The Logstash hosts
hosts: ["localhost:5044"]
```
4. Create `filebeat-*` index pattern in kibana dashboard.
## Using Docker
1. Up the stack using `docker-compose` command.
```
docker-compose up -d
```
2. Setup beat clients (eg. Filebeat) to your application server.
```
sudo chmod +x filebeat.sh
./filebeat.sh
```
3. Configure beat clients (eg. filebeat) output as logstash.
```
#----------------------------- Logstash output --------------------------------
output.logstash:
# The Logstash hosts
hosts: ["localhost:5044"]
```
4. Create `filebeat-*` index pattern in kibana dashboard.
### Security
To protect the kibana dashboard you can use the `htpasswd` in nginx.
Disallow to access directly the port 9200, 5601, 5044 and use ssl authentication while communicating with logstash.
### Extra commands
Delete indices from Elasticsearch
```
curl -XDELETE 'http://localhost:9200/filebeat-*'
```
Check the space usage in Elasticsearch
```
curl -XGET 'http://localhost:9200/_cat/indices?v'
curl -XGET 'http://localhost:9200/_cat/allocation?v'
```
## Author
[Sohel Amin](http://sohelamin.com)
## License
This project is licensed under the MIT License - see the [License File](LICENSE) for details