User story

As a DevOps team member, I want to install Elastic Stack (v7.9.1 by default) so that all application and system logs are collected centrally for searching, visualizing, analyzing and reporting purpose

Assumptions

Infrastructre is setup in Docker swarm mode
All containerized custom applications are designed to start with GELF log driver in order to send logs to Elastic Stack
NOTE: for cases where filebeat is to be run in "Docker for AWS": you will need to turn off auditd module in the filebeat config. Otherwise, filebeat service will fail to run

Architecture

The architecture used is shown in the table below

High level design	In scope	Not in scope

Name		Name	Last commit message	Last commit date
Latest commit History 213 Commits
elk		elk
examples		examples
pics		pics
.gitignore		.gitignore
.travis.yml		.travis.yml
README.md		README.md
Vagrantfile		Vagrantfile
Vagrantfile.README.md		Vagrantfile.README.md
_config.yml		_config.yml
auditbeat-README.md		auditbeat-README.md
auditbeat-docker-compose.yml		auditbeat-docker-compose.yml
deployStack.sh		deployStack.sh
docker-compose.portainer.sh		docker-compose.portainer.sh
docker-compose.portainer.yml		docker-compose.portainer.yml
docker-compose.yml		docker-compose.yml
filebeat-docker-compose.yml		filebeat-docker-compose.yml
metricbeat-docker-compose.yml		metricbeat-docker-compose.yml
packetbeat-README.md		packetbeat-README.md
packetbeat-docker-compose.yml		packetbeat-docker-compose.yml
removeStack.sh		removeStack.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

User story

Assumptions

Architecture

shazChaudhry/docker-elastic

Folders and files

Latest commit

History

Repository files navigation

User story

Assumptions

Architecture