skynyrd
5/9/2017 - 12:28 PM

Log from docker container to ELK with Gelf

Log from docker container to ELK with Gelf

Start Elastic

docker run -d --name es elasticsearch

Name it as logstash.conf and save it in /tmp

input {
  gelf { }
}

output {
  elasticsearch {
    hosts => ["elasticsearch"]
  }
  stdout { }
}

Start Logstash:

docker run -d --name logstash --link es:elasticsearch logstash -v /tmp/logstash.conf:/config-dir/logstash.conf logstash logstash -f /config-dir/logstash.conf

Start kibana

docker run -p 5601:5601 --link es:elasticsearch -d kibana

Start test container

docker run --rm --log-driver=gelf --log-opt gelf-address=udp://$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' logstash):12201 --log-opt tag="test" alpine /bin/sh -c "while true; do echo My Message \$RANDOM; sleep 1; done;"

Go to http://localhost:5601, create an index using @timestamp and enjoy!