Log from docker container to ELK with Gelf
Start Elastic
docker run -d --name es elasticsearch
Name it as logstash.conf
and save it in /tmp
input {
gelf { }
}
output {
elasticsearch {
hosts => ["elasticsearch"]
}
stdout { }
}
Start Logstash:
docker run -d --name logstash --link es:elasticsearch logstash -v /tmp/logstash.conf:/config-dir/logstash.conf logstash logstash -f /config-dir/logstash.conf
Start kibana
docker run -p 5601:5601 --link es:elasticsearch -d kibana
Start test container
docker run --rm --log-driver=gelf --log-opt gelf-address=udp://$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' logstash):12201 --log-opt tag="test" alpine /bin/sh -c "while true; do echo My Message \$RANDOM; sleep 1; done;"
Go to http://localhost:5601, create an index using @timestamp and enjoy!