So I configured ELK - Stack with this config. And as result my logstash container shuts down and also while I was trying to fix it through CLI of logstash container I found out that I have no permission of any container so that's 2nd problem of mine.
1st - How to fix shutdown of logstash and finally test does my output .csv file I formed, works
2nd - Hot to get admin permissions on my elastichsearch, kibana and logstash containers.
Thanks in an advance.
docker-compose.yml
version: "3.5"
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.8.0
environment:
- discovery.type=single-node
- xpack.security.enabled=false
networks:
- elknet
ports:
- "9200:9200"
- "9300:9300"
logstash:
image: docker.elastic.co/logstash/logstash:7.8.0
depends_on:
- elasticsearch
ports:
- 5000:5000
volumes:
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:rw
- ./logstash/pipeline:/usr/share/logstash/pipeline:rw
networks:
- elknet
kibana:
image: docker.elastic.co/kibana/kibana:7.8.0
depends_on:
- logstash
ports:
- 5601:5601
networks:
- elknet
networks:
elknet:
driver: bridge
logstash.yml
http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline
logstas.conf
input {
file {
path => "/user/share/logstash/pipeline/tat.csv"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
csv {
separator => ","
columns => [ "state","location", "address", "latitude", "longitude" ]
}
}
output {
elasticsearch {
hosts => "elasticsearch:9200"
index => "loca"
}
stdout{
}
}