Configuration for shipping Docker logs to a locally installed Logstash

Chma · October 3, 2022, 10:27pm

I have my ELK deployed on an ec2 instance and a dockerized application running on a different instance. I am trying to use gelf to collect the different service logs and send to logstash. But my current configuration doesn't work.

Here's my docker.yaml file and my logstash conf file. For the gelf address I used the private ip of the instance where I have logstash running - is that what I should be using in this use case? What am I missing?

version: '3'
services:
  app:
    build: .
    volumes:
      - .:/app
    ports:
      - "8000:8000"
    links:
      - redis:redis
    depends_on:
      - redis
    logging:
      driver: gelf
      options:
        gelf-address: "udp://10.0.1.98:12201"
        tag: "dockerlogs"
  redis:
    image: "redis:alpine"
    expose:
      - "6379"
    logging:
      driver: gelf
      options:
        gelf-address: "udp://10.0.1.98:12201"
        tag: "redislogs"

This is my logstash conf:

input {
  beats {
    port => 5044
  }
  gelf {
    port:12201
    type=> "dockerLogs"
  }
}
output {
  elasticsearch {
    hosts => ["${ELK_IP}:9200"]
    index =>"logs-%{+YYYY.MM.dd}"
  }
}

system · October 31, 2022, 10:28pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Docker logging driver gelf not working Logstash	2	1024	January 24, 2019
Docker gelf udp to logstash-elasticsearch-kibana Logstash	3	1415	June 6, 2017
Monitoring logs from both inside the container and ELK Logstash docker	1	213	December 7, 2020
Sending container service logs to the elasticsearch Elasticsearch	3	381	August 7, 2019
Docker logging driver gelf doesn't work Logstash	2	966	December 18, 2017

Configuration for shipping Docker logs to a locally installed Logstash

Related topics