ELK Stack 7 with Docker

“Ingest all the logs and let the ELK server sort them out.”
–Me to all my system and network admins


I started working with the ELK stack around 3 years ago and I am not sure how I survived without it.  The flexibility and power of the ELK stack is simply amazing and crucial for anyone who needs to keep eyes on the critical aspects of their infrastructure.  The ability to ingest logs, filter them and display them in a nice graphical form makes it a great tool for delivering analytics and other data.  Even if you have a commercial monitoring product (which I do) there is usually still a place for an ELK stack in your enterprise.

This is a quick and dirty tutorial for installing the ELK stack using Docker.  Why Docker?  It's easy, it works and it's extremely fast to set up.  To be honest, Docker (and Kubernetes) are a current passion of mine.  There are advantages to a dedicated install, but when I am consulting or need quick eyes on something using the ELK stack, Docker is my go-to deployment.

Getting Started

I am going to be using Docker on an Ubuntu 18.04 server install and my MacBook Pro.

Quick Install for Ubuntu 18.04

sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
sudo apt update
sudo apt install docker-ce
sudo apt install docker-compose

Quick Install for MacOS

Download Docker Desktop from https://www.docker.com/products/docker-desktop

Get Docker Compose Files

For MacOS I use a docker-compose script I wrote myself.  It's simple but gets the job done.  This is great for short-term ELK needs or for testing.

git clone https://github.com/subproject9/docker-elk

For Ubuntu I used deviantony's docker-compose scripts as the basis for my docker-compose script.  He does a great job of keeping everything up to date with the ELK stack, and I just altered a few things to meet my requirements.

git clone https://github.com/subproject9/docker-elk-ubuntu

Start the Docker ELK Stack

Ubuntu example:

Navigate to the cloned git directory:
cd docker-elk-ubuntu

Start the Docker containers:
sudo docker-compose up
or add "-d" to run detached (in the background)

MacOS example:

Navigate to the cloned git directory:
cd docker-elk

Start the Docker containers:
sudo docker-compose up
or add "-d" to run detached (in the background)

Accessing the ELK Stack

Kibana

http://localhost:5601 or https://servername

Username: elastic
Password: changeme
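After docker-compose up -d the containers need a minute or two before Kibana will let you log in.  The script below is an added example and not part of either docker-compose repo: it polls Elasticsearch and Kibana until they answer, then points out whether the elastic user is still on the default changeme password.  It assumes the compose defaults of Elasticsearch on port 9200, Kibana on port 5601 and the elastic user; ES_URL, KIBANA_URL, ES_USER and ES_PASS are names I chose for the overrides.

```shell
#!/usr/bin/env bash
# Added example, not code from either docker-compose repo: confirm the stack that
# "docker-compose up -d" started is answering before opening Kibana, and flag the
# default "changeme" password the compose files ship with.
# Assumes the compose defaults: Elasticsearch on :9200, Kibana on :5601, user "elastic".
ES_URL="${ES_URL:-http://localhost:9200}"
KIBANA_URL="${KIBANA_URL:-http://localhost:5601}"
ES_USER="${ES_USER:-elastic}"
ES_PASS="${ES_PASS:-changeme}"

# Pull the "status" value (green, yellow or red) out of /_cluster/health JSON without
# jq; prints nothing if the field is absent (for example an authentication error body).
cluster_status() {
  printf '%s' "$1" | sed -n 's/.*"status" *: *"\([a-z]*\)".*/\1/p'
}

# True (exit 0) when the password is still the compose file default.
is_default_password() {
  [ "$1" = "changeme" ]
}

# Poll Elasticsearch until it reports green or yellow; give up after $2 tries.
wait_for_es() {
  tries="${2:-30}"; i=0
  while [ "$i" -lt "$tries" ]; do
    body="$(curl -s -u "$ES_USER:$ES_PASS" "$1/_cluster/health" 2>/dev/null || true)"
    status="$(cluster_status "$body")"
    case "$status" in
      green|yellow) echo "elasticsearch: $status"; return 0 ;;
    esac
    i=$((i + 1)); sleep 2
  done
  echo "elasticsearch: not ready after $tries attempts" >&2; return 1
}

# Kibana answers /api/status with HTTP 200 once it has connected to Elasticsearch
# (503 while it is still starting); basic auth with the elastic user is accepted.
wait_for_kibana() {
  tries="${2:-30}"; i=0
  while [ "$i" -lt "$tries" ]; do
    code="$(curl -s -o /dev/null -w '%{http_code}' -u "$ES_USER:$ES_PASS" "$1/api/status" 2>/dev/null || true)"
    [ "$code" = "200" ] && { echo "kibana: ready"; return 0; }
    i=$((i + 1)); sleep 2
  done
  echo "kibana: not ready after $tries attempts" >&2; return 1
}

# Run the checks only when invoked as "sh elk-check.sh check", so sourcing is harmless.
if [ "${1:-}" = "check" ]; then
  wait_for_es "$ES_URL" && wait_for_kibana "$KIBANA_URL"
  is_default_password "$ES_PASS" && echo "warning: elastic still uses the default password" >&2
fi
```

Run it as sh elk-check.sh check right after docker-compose up -d; set ES_PASS to your real password once you have changed it so the Elasticsearch poll can authenticate.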