Good, a couple of days ago I set up ELK and everything worked fine, but now that I have set it up in docker-compose and after configuring it I can't get the logs that I want to send from another machine to mine, I show you the configuration files to see if you have any idea.
ubuntudocker@ubuntudocker:~/dockerelk$ cat docker-compose.yml
version: '3.7'
services:
elasticsearch:
image: elasticsearch:7.9.2
ports:
- '9200:9200'
environment:
- discovery.type=single-node
ulimits:
memlock:
soft: -1
hard: -1
kibana:
image: kibana:7.9.2
ports:
- '5601:5601'
logstash:
image: logstash:7.9.2
ports:
- '5000:5000'
volumes:
- type: bind
source: ./logstash_pipeline/
target: /usr/share/logstash/pipeline
read_only: true
cat logstash_pipeline/ports.conf
input {
tcp {
port => 5000
}
}
output {
elasticsearch {
hosts => ["elasticsearch:9200"]
manage_template => false
index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
}
}
CLIENT
sudo cat /etc/filebeat/filebeat.yml
filebeat.inputs:
- type: log
enabled: true
paths:
- "/var/log/apache2/*"
fields:
apache: true
fields_under_root: true
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
setup.template.settings:
index.number_of_shards: 3
logging.level: info
logging.to_files: true
logging.files:
path: /var/log/filebeat
name: filebeat
keepfiles: 7
permissions: 0640
output.logstash:
hosts: ["192.168.14.79:5000"]
The only log I get every time I start the service is this one:
