@adityasinghal26 @renangenova
I'm new to the ELK stack
I watched a youtube tutorial and setup the ELK in my local using docker, here the youtube video link
This is my docker-compose.yml file
version: '3.6'
services:
Elasticsearch:
image: elasticsearch:8.6.2
container_name: elasticsearch
restart: always
volumes:
- elastic_data:/usr/share/elasticsearch/data/
environment:
ES_JAVA_OPTS: "-Xmx256m -Xms256m"
discovery.type: single-node
ports:
- '9200:9200'
- '9300:9300'
networks:
- elk
Logstash:
image: logstash:8.6.2
container_name: logstash
restart: always
volumes:
- ./logstash/:/logstash_dir
command: logstash -f /logstash_dir/logstash.conf
depends_on:
- Elasticsearch
ports:
- '9600:9600'
environment:
LS_JAVA_OPTS: "-Xmx256m -Xms256m"
networks:
- elk
Kibana:
image: kibana:8.6.2
container_name: kibana
restart: always
ports:
- '5601:5601'
environment:
- ELASTICSEARCH_URL=http://elasticsearch:9200
depends_on:
- Elasticsearch
networks:
- elk
volumes:
elastic_data: {}
networks:
elk:
I had created one more file in my local machine logstash/logstash.conf
input {
file {
path => "root/temp/anteater.log"
}
}
output {
elasticsearch {
hosts => ["http://elasticsearch:9200"]
}
}
after that i ran this command in terminal
docker compose up
I got this error in terminal
logstash | [2023-03-08T06:46:20,779][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead ES instance, but got an error {:url=>"http://elasticsearch:9200/",
:exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError, :message=>"Got response code '401' contacting Elasticsearch at URL 'http://elasticsearch:9200/'"}
elasticsearch host http://localhost:9200/ in that host im getting this output (in chrome)
{
"name" : "4e1e8f4b954e",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "TqKXbDUpRQyJNvD8posibg",
"version" : {
"number" : "8.6.2",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "2d58d0f136141f03239816a4e360a8d17b6d8f29",
"build_date" : "2023-02-13T09:35:20.314882762Z",
"build_snapshot" : false,
"lucene_version" : "9.4.2",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
logstash host http://localhost:9600/ im getting this (in chrome)
{"host":"14a409d312cf","version":"8.6.2","http_address":"0.0.0.0:9600","id":"9fbe55d7-33d8-4218-8d86-0c52dec234a3","name":"14a409d312cf","ephemeral_id":"e0bb3a33-fcdc-4248-9a7e-d8837f6a5cd1","status":"green","snapshot":false,"pipeline":
{"workers":6,"batch_size":125,"batch_delay":50},"build_date":"2023-02-12T05:42:46+00:00","build_sha":"4f0229a28712eb16c78e6c8eaff04560828a6ae2","build_snapshot":false}
kibana host http://localhost:5601/ im getting this in chrome
Kibana server is not ready yet.
After that, I tried to access this http://elasticsearch:9200 host in chrome as mentioned in the docker-compose.yml file, I'm getting this error
This site can’t be reached
Check if there is a typo in elasticsearch.
DNS_PROBE_FINISHED_NXDOMAIN
after inspecting the logstash container
in pipeline/logstash.conf
input {
beats {
port => 5044
}
}
output {
stdout {
codec => rubydebug
}
}
in config/logstash.yml
http.host: "0.0.0.0"
xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]
I had tried so many solutions but still im getting this error, please help me solve this