Practical application of ELK. Setting up logstash

Introduction

While deploying yet another system, we faced the need to process a large number of varied logs. ELK was chosen as the tool. This article describes our experience of setting up this stack.

We do not aim to describe all of its capabilities; we want to concentrate specifically on solving practical problems. The reason is that, despite the considerable amount of documentation and ready-made images, there are quite a lot of pitfalls; at least, we found them.

We deployed the stack via docker-compose. Moreover, we had a well-written docker-compose.yml that let us bring the stack up almost without problems. And it seemed to us that victory was already close: now we would tweak it a little to suit our needs, and that would be it.

Unfortunately, the attempt to configure the system to receive and process logs from our application did not succeed right away. So we decided that it was worth studying each component separately and then coming back to how they connect.

So, we started with logstash.

Environment, deployment, running Logstash in a container

For deployment we use docker-compose; the experiments described here were carried out on MacOS and Ubuntu 18.0.4.

The logstash image specified in our original docker-compose.yml is docker.elastic.co/logstash/logstash:6.3.2

We will use it for the experiments.

We wrote a separate docker-compose.yml to run logstash. Of course, the image could be started from the command line, but we were solving a specific problem, one where everything runs from docker-compose.

Briefly about the configuration files

As follows from the documentation, logstash can be run either for a single channel, in which case it is passed a *.conf file, or for several channels, in which case it is passed a pipelines.yml file, which in turn refers to the .conf files for each channel.
We took the second route. It seemed to us more universal and scalable. So we created pipelines.yml and made a pipelines directory in which we put the .conf files for each channel.

Inside the container there is one more configuration file, logstash.yml. We do not touch it; we use it as is.

So, our directory structure:

To receive input data, for now we assume tcp on port 5046, and for output we will use stdout.

Here is a simple configuration for the first run, because the initial task is simply to get it started.

So, we have this docker-compose.yml

version: '3'

networks:
  elk:

volumes:
  elasticsearch:
    driver: local

services:

  logstash:
    container_name: logstash_one_channel
    image: docker.elastic.co/logstash/logstash:6.3.2
    networks:
      - elk
    ports:
      - 5046:5046
    volumes:
      - ./config/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro
      - ./config/pipelines:/usr/share/logstash/config/pipelines:ro

What do we see here?

  1. Networks and volumes were taken from the original docker-compose.yml (the one where the whole stack is launched), and I think they do not greatly affect the overall picture here.
  2. We create one logstash service from the docker.elastic.co/logstash/logstash:6.3.2 image and name it logstash_one_channel.
  3. We forward port 5046 into the container, to the same internal port.
  4. We map our pipeline configuration file ./config/pipelines.yml to the file /usr/share/logstash/config/pipelines.yml inside the container, where logstash will pick it up, and make it read-only, just in case.
  5. We map the ./config/pipelines directory, where we keep the files with the channel settings, to the /usr/share/logstash/config/pipelines directory and also make it read-only.

The pipelines.yml file

- pipeline.id: HABR
  pipeline.workers: 1
  pipeline.batch.size: 1
  path.config: "./config/pipelines/habr_pipeline.conf"

It describes one channel with the identifier HABR and the path to its configuration file.

And finally, the file "./config/pipelines/habr_pipeline.conf"

input {
  tcp {
    port => "5046"
  }
}
filter {
  mutate {
    add_field => [ "habra_field", "Hello Habr" ]
  }
}
output {
  stdout {
  }
}

Let's not go into its description for now; let's try to run it:

docker-compose up

What do we see?

The container has started. We can check that it works:

echo '13123123123123123123123213123213' | nc localhost 5046

And we see the response in the container console:

But at the same time, we also see:

logstash_one_channel | [2019-04-29T11:28:59,790][ERROR][logstash.licensechecker.licensereader] Unable to retrieve license information from license server {:message=>"Elasticsearch Unreachable: [http://elasticsearch:9200/][Manticore::ResolutionFailure] elasticsearch",...

logstash_one_channel | [2019-04-29T11:28:59,894][INFO][logstash.pipeline] Pipeline started successfully {:pipeline_id=>".monitoring-logstash", :thread=>"# "}

logstash_one_channel | [2019-04-29T11:28:59,988][INFO][logstash.agent] Pipelines running {:count=>2, :running_pipelines=>[:HABR, :".monitoring-logstash"], :non_running_pipelines=>[]}
logstash_one_channel | [2019-04-29T11:29:00,015][ERROR][logstash.inputs.metrics] X-Pack is installed on Logstash but not on Elasticsearch. Please install X-Pack on Elasticsearch to use the monitoring feature. Other features may be available.
logstash_one_channel | [2019-04-29T11:29:00,526][INFO][logstash.agent] Successfully started Logstash API endpoint {:port=>9600}
logstash_one_channel | [2019-04-29T11:29:04,478][INFO][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://elasticsearch:9200/, :path=>"/"}
logstash_one_channel | [2019-04-29T11:29:04,487][WARN][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"elasticsearch:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://elasticsearch:9200/][Manticore::ResolutionFailure] elasticsearch"}
logstash_one_channel | [2019-04-29T11:29:04,704][INFO][logstash.licensechecker.licensereader] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://elasticsearch:9200/, :path=>"/"}
logstash_one_channel | [2019-04-29T11:29:04,710][WARN][logstash.licensechecker.licensereader] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"elasticsearch:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://elasticsearch:9200/][Manticore::ResolutionFailure] elasticsearch"}

And our log keeps crawling upward the whole time.

Here I highlighted in green the message that the pipeline started successfully, in red the error message, and in yellow the message about the attempt to contact elasticsearch:9200.
This happens because logstash.conf, which is included in the image, contains a check for elasticsearch availability. After all, logstash assumes that it works as part of the ELK stack, and we have separated it.

It is possible to work like this, but it is inconvenient.

The solution is to disable this check via the XPACK_MONITORING_ENABLED environment variable.

Let's make the change in docker-compose.yml and run it again:

version: '3'

networks:
  elk:

volumes:
  elasticsearch:
    driver: local

services:

  logstash:
    container_name: logstash_one_channel
    image: docker.elastic.co/logstash/logstash:6.3.2
    networks:
      - elk
    environment:
      XPACK_MONITORING_ENABLED: "false"
    ports:
      - 5046:5046
    volumes:
      - ./config/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro
      - ./config/pipelines:/usr/share/logstash/config/pipelines:ro

Now everything is fine. The container is ready for experiments.

We can again type in a neighboring console:

echo '13123123123123123123123213123213' | nc localhost 5046

And see:

logstash_one_channel | {
logstash_one_channel |         "message" => "13123123123123123123123213123213",
logstash_one_channel |      "@timestamp" => 2019-04-29T11:43:44.582Z,
logstash_one_channel |        "@version" => "1",
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |            "host" => "gateway",
logstash_one_channel |            "port" => 49418
logstash_one_channel | }

Working within a single channel

So, we have launched. Now we can actually spend time configuring logstash itself. Let's not touch the pipelines.yml file for now, and see what we can get from working with a single channel.

I must say that the general principle of working with the channel configuration file is well described in the official guide.
If you want to read about it in Russian, we used this article (but the query syntax there is old, and this has to be kept in mind).

Let's go in order, starting with the input section. We have already seen work over TCP. What else might be interesting here?

Test messages using heartbeat

There is an interesting option to generate automatic test messages.
To do this, you need to enable the heartbeat plugin in the input section.

input {
  heartbeat {
    message => "HeartBeat!"
  }
}

We turn it on and start receiving a message once a minute

logstash_one_channel | {
logstash_one_channel |      "@timestamp" => 2019-04-29T13:52:04.567Z,
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |         "message" => "HeartBeat!",
logstash_one_channel |        "@version" => "1",
logstash_one_channel |            "host" => "a0667e5c57ec"
logstash_one_channel | }

If we want to receive them more often, we need to add the interval parameter.
This is how we will receive a message every ten seconds.

input {
  heartbeat {
    message => "HeartBeat!"
    interval => 10
  }
}

Getting data from a file

We also decided to look at the file mode. If it works properly with a file, then perhaps no agents are needed at all, at least for local use.

According to the description, the mode of operation should resemble tail -f, i.e. it reads new lines or, optionally, reads the whole file.

So, what we want to find out:

  1. We want to receive lines that are appended to a single log file.
  2. We want to receive data that is written to several log files, while being able to tell apart what came from where.
  3. We want to make sure that when logstash is restarted, it does not receive this data again.
  4. We want to check that if logstash is turned off while data keeps being written to the files, then when we start it we will receive this data.

To run the experiment, let's add one more line to docker-compose.yml, exposing the directory in which we put the files.

version: '3'

networks:
  elk:

volumes:
  elasticsearch:
    driver: local

services:

  logstash:
    container_name: logstash_one_channel
    image: docker.elastic.co/logstash/logstash:6.3.2
    networks:
      - elk
    environment:
      XPACK_MONITORING_ENABLED: "false"
    ports:
      - 5046:5046
    volumes:
      - ./config/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro
      - ./config/pipelines:/usr/share/logstash/config/pipelines:ro
      - ./logs:/usr/share/logstash/input

And change the input section in habr_pipeline.conf

input {
  file {
    path => "/usr/share/logstash/input/*.log"
  }
}

Let's start:

docker-compose up

To create the log files and write to them, we will use the command:

echo '1' >> logs/number1.log

{
logstash_one_channel |            "host" => "ac2d4e3ef70f",
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |      "@timestamp" => 2019-04-29T14:28:53.876Z,
logstash_one_channel |        "@version" => "1",
logstash_one_channel |         "message" => "1",
logstash_one_channel |            "path" => "/usr/share/logstash/input/number1.log"
logstash_one_channel | }

Yes, it works!

At the same time, we see that a path field has been added automatically. This means that later on we will be able to filter records by it.

Let's try again:

echo '2' >> logs/number1.log

{
logstash_one_channel |            "host" => "ac2d4e3ef70f",
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |      "@timestamp" => 2019-04-29T14:28:59.906Z,
logstash_one_channel |        "@version" => "1",
logstash_one_channel |         "message" => "2",
logstash_one_channel |            "path" => "/usr/share/logstash/input/number1.log"
logstash_one_channel | }

And now to another file:

echo '1' >> logs/number2.log

{
logstash_one_channel |            "host" => "ac2d4e3ef70f",
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |      "@timestamp" => 2019-04-29T14:29:26.061Z,
logstash_one_channel |        "@version" => "1",
logstash_one_channel |         "message" => "1",
logstash_one_channel |            "path" => "/usr/share/logstash/input/number2.log"
logstash_one_channel | }

Great! The file was picked up, the path was specified correctly, everything is fine.

We stop logstash and start it again. We wait. Silence. That is, we do not receive these records again.

And now the most daring experiment.

We shut logstash down and run:

echo '3' >> logs/number2.log
echo '4' >> logs/number1.log

We start logstash again and see:

logstash_one_channel | {
logstash_one_channel |            "host" => "ac2d4e3ef70f",
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |         "message" => "3",
logstash_one_channel |        "@version" => "1",
logstash_one_channel |            "path" => "/usr/share/logstash/input/number2.log",
logstash_one_channel |      "@timestamp" => 2019-04-29T14:48:50.589Z
logstash_one_channel | }
logstash_one_channel | {
logstash_one_channel |            "host" => "ac2d4e3ef70f",
logstash_one_channel |     "habra_field" => "Hello Habr",
logstash_one_channel |         "message" => "4",
logstash_one_channel |        "@version" => "1",
logstash_one_channel |            "path" => "/usr/share/logstash/input/number1.log",
logstash_one_channel |      "@timestamp" => 2019-04-29T14:48:50.856Z
logstash_one_channel | }

Hurray! Everything was picked up.

But we must warn you about the following. If the container with logstash is removed (docker stop logstash_one_channel && docker rm logstash_one_channel), nothing will be picked up. The position in the file up to which it had been read was stored inside the container. If you start it from scratch, it will accept only new lines.

Reading existing files

Suppose we are launching logstash for the first time, but we already have logs and we would like to process them.
If we run logstash with the input section we used above, we will get nothing. Only new lines will be processed by logstash.

For lines from existing files to be picked up, you need to add one more line to the input section:

input {
  file {
    start_position => "beginning"
    path => "/usr/share/logstash/input/*.log"
  }
}

There is also a nuance: this affects only new files that logstash has not seen yet. For files that were already in logstash's field of view, it has remembered their size and will now take only new entries from them.
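The four behaviours tested above, together with the caveat about removing the container and the start_position nuance, can be replayed with a small model. This is an added example, not code from the article or from Logstash: `TailModel`, `run_experiments` and the file names are hypothetical, and the model assumes only what the experiments showed (a remembered offset per file, start_position applied only to files with no remembered offset).

```python
import os
import tempfile

class TailModel:
    """Toy model of a tail-style file input that remembers read offsets."""

    def __init__(self, directory, state=None, start_position="end"):
        self.directory = directory
        self.state = {} if state is None else state  # inode -> byte offset
        self.start_position = start_position
        self.first_scan = True

    def poll(self):
        """Return (file name, line) for each complete line not yet delivered."""
        events = []
        for name in sorted(os.listdir(self.directory)):
            path = os.path.join(self.directory, name)
            inode = os.stat(path).st_ino
            if inode not in self.state:
                # Files already present at startup are skipped to their end
                # unless start_position is "beginning"; later files start at 0.
                at_end = self.first_scan and self.start_position == "end"
                self.state[inode] = os.path.getsize(path) if at_end else 0
            with open(path, "rb") as fh:
                fh.seek(self.state[inode])
                for raw in fh:
                    if not raw.endswith(b"\n"):
                        break  # partial line, wait for the writer to finish it
                    events.append((name, raw.decode().rstrip("\n")))
                    self.state[inode] += len(raw)
        self.first_scan = False
        return events


def append(directory, name, text):
    with open(os.path.join(directory, name), "a") as fh:
        fh.write(text + "\n")


def run_experiments():
    """Replay the page's experiments on constructed files in a temp directory."""
    logs, out = tempfile.mkdtemp(), {}
    append(logs, "old.log", "written-before-first-start")
    tail = TailModel(logs)
    out["existing_file_default"] = tail.poll()
    append(logs, "number1.log", "1")
    append(logs, "number2.log", "1")
    out["new_lines"] = tail.poll()
    append(logs, "number2.log", "3")  # written while the reader is stopped
    append(logs, "number1.log", "4")
    out["restart_state_kept"] = TailModel(logs, state=tail.state).poll()
    out["restart_state_lost"] = TailModel(logs).poll()
    out["state_lost_beginning"] = TailModel(logs, start_position="beginning").poll()
    return out
```

In Logstash the remembered offsets live in the file input's sincedb, whose location is set by the `sincedb_path` option; pointing it at a mounted volume keeps the offsets when the container is removed.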

Let's stop studying the input section here. There are many more options, but this is enough for our further experiments for now.

Routing and transforming data

Let's try to solve the following problem: suppose we have messages arriving from one channel, some of them informational and some of them error messages. They differ by a tag: some are INFO, others are ERROR.

We need to separate them at the output. That is, we write informational messages to one channel and error messages to another.

To do this, we move from the input section to filter and output.

Using the filter section, we will parse the incoming message and obtain from it a hash (key-value pairs) that we can then work with, i.e. break down according to conditions. And in the output section, we will select the messages and send each one to its own channel.

Parsing a message with grok

To parse text strings and obtain a set of fields from them, there is a special plugin for the filter section: grok.

Without setting myself the goal of giving a detailed description of it here (for that I refer you to the official documentation), I will give my simple example.

To do this, you need to decide on the format of the input strings. Mine look like this:

1 INFO message1
2 ERROR message2

That is, the identifier comes first, then INFO/ERROR, then some word without spaces.
Not complicated, but enough to understand the principle of operation.

So, in the filter section, in the grok plugin, we need to define a pattern for parsing our strings.

It will look like this:

filter {
  grok {
    match => { "message" => ["%{INT:message_id} %{LOGLEVEL:message_type} %{WORD:message_text}"] }
  }
}

Essentially, it is a regular expression. Ready-made patterns are used, such as INT, LOGLEVEL, WORD. Their description, as well as other patterns, can be found in the documentation.

Now, passing through this filter, our string will turn into a hash of three fields: message_id, message_type, message_text.

They will be displayed in the output section.

Routing messages in the output section using the if statement

In the output section, as we remember, we were going to split the messages into two streams. Some, those that are INFO, we will output to the console, and errors we will output to a file.

How do we separate these messages? The statement of the problem already suggests the solution: after all, we already have a dedicated message_type field, which can take only two values, INFO and ERROR. It is on this basis that we will make the choice using the if statement.

if [message_type] == "ERROR" {
  # Here we output to a file
} else {
  # Here we output to stdout
}

A description of working with fields and operators can be found in this section of the official guide.

Now, about the output itself.

Console output, everything is clear here: stdout {}

But output to a file: remember that we are running all this from a container, and for the file we write the result to to be accessible from outside, we need to expose this directory in docker-compose.yml.

In total:

The output section of our file looks like this:


output {
  if [message_type] == "ERROR" {
    file {
      path => "/usr/share/logstash/output/test.log"
      codec => line { format => "custom format: %{message}" }
    }
  } else {
    stdout {
    }
  }
}

In docker-compose.yml we add one more volume, for the output:

version: '3'

networks:
  elk:

volumes:
  elasticsearch:
    driver: local

services:

  logstash:
    container_name: logstash_one_channel
    image: docker.elastic.co/logstash/logstash:6.3.2
    networks:
      - elk
    environment:
      XPACK_MONITORING_ENABLED: "false"
    ports:
      - 5046:5046
    volumes:
      - ./config/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro
      - ./config/pipelines:/usr/share/logstash/config/pipelines:ro
      - ./logs:/usr/share/logstash/input
      - ./output:/usr/share/logstash/output

We start it, try it, and see the split into two streams.
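The grok pattern and the if routing from this section, replayed on a few constructed lines to show where each kind of line ends up. This is an added example, not the article's code: the Python functions are hypothetical, the pattern table is a reduced stand-in for the stock grok definitions, and `ANCHORED_PATTERN` is an assumed stricter variant of the page's pattern.

```python
import re

# Reduced stand-ins for three stock grok patterns (assumption: the stock
# LOGLEVEL alternation covers more levels than the three kept here).
GROK = {
    "INT": r"(?:[+-]?(?:[0-9]+))",
    "LOGLEVEL": r"(?:[Ii]nfo|INFO|[Ww]arn?(?:ing)?|WARN?(?:ING)?"
                r"|[Ee]rr?(?:or)?|ERR?(?:OR)?)",
    "WORD": r"\b\w+\b",
}

PAGE_PATTERN = "%{INT:message_id} %{LOGLEVEL:message_type} %{WORD:message_text}"
ANCHORED_PATTERN = "^" + PAGE_PATTERN + "$"  # hypothetical stricter variant


def grok_to_regex(pattern):
    """Expand every %{NAME:field} into a named regex group."""
    def expand(match):
        return "(?P<%s>%s)" % (match.group(2), GROK[match.group(1)])
    return re.compile(re.sub(r"%\{(\w+):(\w+)\}", expand, pattern))


def process(line, pattern=PAGE_PATTERN):
    """Apply the grok filter, then the page's if/else output routing."""
    event = {"message": line}
    match = grok_to_regex(pattern).search(line)  # grok is unanchored, like search()
    if match:
        event.update(match.groupdict())  # captured values stay strings
    else:
        event["tags"] = ["_grokparsefailure"]  # tag grok adds on a failed match
    # Exact, case-sensitive comparison, as in: if [message_type] == "ERROR"
    event["route"] = "file" if event.get("message_type") == "ERROR" else "stdout"
    return event


# Constructed sample lines, not taken from the page's logs.
SAMPLES = [
    "1 INFO message1",
    "2 ERROR message2",
    "3 error message3",      # parsed, but "error" != "ERROR"
    "ERROR no identifier",   # does not match the pattern at all
    "x9 ERROR disk full",    # matches from the middle of the line
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(process(sample))
    print(process("x9 ERROR disk full", ANCHORED_PATTERN))
```

Lines that fail to parse, or whose level is spelled differently, fall into the else branch and reach stdout only; anchoring the pattern with `^` and `$` also stops a match from starting in the middle of a line.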

Source: www.habr.com
