Hello,
I am trying to get the ELK up and running on Docker. I have successfully integrated the three services and they do in fact communicate with each other. My problem arises when I am trying to send messages to Logstash over a udp/tcp connection. I tried different input plugins, including the udp, tcp and syslog plugins. In none of the cases or tried configurations were messages actually being received. I checked and Logstash is in fact listening on the requested ports. The application is also sending the packets to the right ip:port. However, no input is to be seen.
Does anybody have an idea what in the communication might possibly be going wrong?
Example.conf that I used:
input {
  syslog {
    port => "14544"
  }
}
output {
  elasticsearch {
    hosts => ["elasticsearch:9200"]
  }
  stdout {
    codec => rubydebug
  }
}
docker-compose
logstash:
  image: logstash:2.4.0
  ports:
    - "5044:5044"
    - "14544:14544"
    - "14544:14544/udp"
  links:
    - elasticsearch
  depends_on:
    - elasticsearch