ELK Stack

Apr 19th, 2018

References

Usage

Get Docker ELK Stack

Download Docker ELK Stack

Bringing up the stack

$ docker-compose up

Initial setup

Default Kibana index pattern creation

Create an index pattern via the Kibana API:

curl -XPOST -D- 'http://localhost:5601/api/saved_objects/index-pattern' -H 'Content-Type: application/json' -H 'kbn-version: 6.2.3' -d '{"attributes":{"title":"logstash-*","timeFieldName":"@timestamp"}}'

Logback setup

pom dependencies

<dependency>
    <groupId>ch.qos.logback</groupId>
    <artifactId>logback-classic</artifactId>
    <version>1.2.3</version>
</dependency>
<dependency>
    <groupId>net.logstash.logback</groupId>
    <artifactId>logstash-logback-encoder</artifactId>
    <version>5.0</version>
</dependency>

logback.xml

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE configuration>
 
<configuration debug="true">
    <appender name="stash" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
        <destination>127.0.0.1:5000</destination>
 
        <!-- encoder is required -->
        <encoder class="net.logstash.logback.encoder.LogstashEncoder" />
    </appender>
 
    <root level="DEBUG">
        <appender-ref ref="stash" />
    </root>
</configuration>

Run the app

package com.aripd.pingerbee;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class MainApp {

    static final Logger LOG = LoggerFactory.getLogger(MainApp.class);

    public static void main(String[] args) throws Exception {
        for (int i = 0; i < 10; i++) {

            LOG.info("New customer successfully registered");
            LOG.warn("User password will expire in two days");
            LOG.error("Billing system is not available");

            Thread.sleep(200);
        }
    }

}