Skip to content
/ elk_docker Public

This Docker project deploys a single-node ELK stack with Logstash, offering the flexibility to add custom pipelines as needed. It includes a preconfigured Winlogbeat pipeline for collecting logs from Windows systems. This setup is intended for testing and research purposes only, not for production use.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

michellevaillant/elk_docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
logstash
logstash
 
 
.env
.env
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

add logstash pipelines

todo

setup winlogbeat

configure winlogbeat.yml

1 setup templates, dashboards etc in elastcisearch/kibana
1.1 configure elasticsearch output and kibana

setup.dashboards.enabled: true
setup.kibana:
  host: "http://<kibana>:5601"
output.elasticsearch:
  hosts: ["http://<elasticsearch>:9200"]

1.2 start setup winlogbeat.exe setup
1.3 disable elasticsearch output

# output.elasticsearch:
#  hosts: ["http://<elasticsearch>:9200"]

2 enable and configure logstash output in winlogbeat.yml

output.logstash:
  hosts: ["<logstash>:5044"]

install service

1 run powershell script install-service-winlogbeat 2 star service winlogbeat

About

This Docker project deploys a single-node ELK stack with Logstash, offering the flexibility to add custom pipelines as needed. It includes a preconfigured Winlogbeat pipeline for collecting logs from Windows systems. This setup is intended for testing and research purposes only, not for production use.

Topics

docker elasticsearch logstash docker-compose winlogbeat

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published