OzWookiee
commented
5 months ago Hey Jeff, Honestly this is so old I would not consider it usable. Elastic has undergone so many changes in the last four years I'd probably use their directions to setup Elastic, Logstash (though you could probably use an Elastic node to process the inputs now) and Kibana in Docker, then import the index template and visualisations via Kibana. Then finally pull the configs into Logstash, but again they might need to be updated for the latest version of Logstash.
We've since moved off our on-prem phone system to Zoom Phone so I haven't kept this repo up to date.
Guidance:
- Follow the elasticsearch on Docker install steps: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html An alternate guide in this repo: docker-elk
- Open Kibana and import the index template and visualisations
- Configure Logstash
Let me know how you get on.
I've been trying to get this running for a couple days without reaching out, but I think i've reached my sanity's limit and need some help.
I believe I've been using this docker-compose file to get it working. https://medium.com/@lopchannabeen138/deploying-elk-inside-docker-container-docker-compose-4a88682c7643
The paths to the files seem to be in their respecitve "/usr/share" locations (/usr/share/logstash, /usr/share/kibana, /usr/share/elasticsearch). I've been trying to add your files to the containers as additional volume binds using the docker-compose. It doesn't want to come up. The logstash container keeps crashing.
I'm not really sure what I'm doing wrong. I'm also not super familiar with ELK. I was prepared to use your powershell script, but saw the open issue that showed you were missing the SQL setup file, so I tried this instead.
I'd prefer not to setup ELK directly on the server if I don't have to.
Any help or guidance (or other docker-compose recommendations) would be greatly appreciated.