Elastic Stack and GELF

The docker-compose configuration is the same as in section Creating the “docker-compose” File, but with a change to the Logstash part (note that the log entrypoint key would appear on a single line):

Elastic Stack docker-compose example 2

version: '2.2'

services:

elasticsearch:

build:

context: elasticsearch/

container_name: elasticsearch

volumes:

- monitoring-data:/usr/share/elasticsearch/data

ports:

- "9200:9200"

- "9300:9300"

environment:

ES_JAVA_OPTS: "-Xmx512m -Xms512m"

logstash:

image: docker.elastic.co/logstash/logstash:7.9.1

container_name: logstash

ports:

- "5000:5000"

- "5044:5044"

- "12201:12201/udp"

expose:

- "5044/tcp"

- "12201/udp"

logging:

driver: "json-file"

environment:

LS_JAVA_OPTS: "-Xmx256m -Xms256m"

entrypoint: logstash -e 'input { gelf { } } output { elasticsearch { id => "lls" hosts => ["http://elasticsearch:9200"] } }'

depends_on:

- elasticsearch

kibana:

image: docker.elastic.co/kibana/kibana:7.9.1

ports:

- "5601:5601"

depends_on:

- elasticsearch

volumes:

monitoring-data:

driver: local

The Filebeat agent is not required in this scenario.

Elastic Stack and GELF

FlexNet Embedded License Server Administration Guide

February 2022