Docker: Analysis Using Elasticsearch, Logstash & Kibana

Source: https://hub.docker.com/r/sebp/elk/

Goal:

Collect, search and visualize log data with ELK (Elasticsearch 2.3.5, Logstash 2.3.4, Kibana 4.5.4).

Steps:

I. Setup ELK on localhost.

(1) Obtain the ELK stack

(2) Run the ELK stack

sudo docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -p 5000:5000 -it –name elk sebp/elk

(3) Check Elasticsearch & Kibana status

II. Load the data using Elasticsearch (Python dict struct data sent to Elasticsearch(http://localhost:9200/))

III. Check index or pattern “*” in localhost:5601

IV. Make sure the table is loaded to Kibana as it is shown below.

V. Visualize it and create dashboards of choice.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this:

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…