Febbweiss
84dbfe7dba
Feature: add rsyslog multiline logs
|
8 年 前 | |
|---|---|---|
| elasticsearch | 8 年 前 | |
| filebeat | 8 年 前 | |
| kibana | 8 年 前 | |
| logstash | 8 年 前 | |
| logstash-forwarder | 8 年 前 | |
| rsyslog | 8 年 前 | |
| .env | 8 年 前 | |
| .gitignore | 8 年 前 | |
| README.md | 8 年 前 | |
| docker-compose.yml | 8 年 前 |
README.md
This a end-to-end log centralizer powered by the ELK stask.
Embedded containers
- Filebeat - An agent to poll logs
- Logstash-Forwarder - An other agent to poll logs
- Logstash - The collector / analyzer / parser solution
- Kafka - The queueing solution for logs
- ZooKeeper - The cluster on which Kafka is running
- ElasticSearch - The indexing engine
- Kibana - The visualization / dashboard tool for ElasticSearch
- Kafka Manager - The Kafka cluster web manager
- Apache log generator - A container generating fake apache logs
- Random log generator - A container genrating text logs (Star Wars quotes)
How it works
There are 2 agent types :
- Filebeat
- Logstash-Forward
These agents push logs (from the apache and random generators) to a Logstasth shipper filling a Kafka queue (one type of log for one topic). A Logstash indexer polls the Kafka topics indexing logs into a ElasticSearch.
A short schema :
Agent -> Logstach shipper -> Kafka <- Logstash indexer -> ElasticSearch
Tools access
Kibana is available at http://localhost:5601. Kafka Manager is available at http://localhost:9000