-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdocker-compose.yml
71 lines (66 loc) · 3 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
version: "3"
services:
funk-server: # the funk-server to collect all log information and write them to the elasticsearchdb
networks:
- elk
ports:
- 3000:3000
image: fasibio/funk_server:latest
environment:
ELASTICSEARCH_URL: http://elasticsearch:9200
CONNECTION_KEY: changeMe7894561323 # Shared Key you have to set on each agent...
labels:
"funk.log": "false" #do not log this container! IMPORTANT no ending loop!!!
funk-agent: # the funk agent to collect the logs
networks:
- elk
image: fasibio/funk_agent:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Its nesssari to talk with docker it self. Agent will not be running without this
environment:
FUNK_SERVER: ws://funk-server:3000 # the adress to the funk-server it can be external too (is a websocket so ws instance of http and wss instance of https)
CONNECTION_KEY: changeMe7894561323 # The Shared Key configured at your funk-server installation
ENABLE_GEO_IP_INJECT: "false" # is broken at the moment so not activate
labels:
"funk.searchindex": "funk_agent" # The index at your elasticseach db to collect logs from this container
kibana: #Your Kibanasystem
networks:
- elk
ports:
- 5601:5601
image: docker.elastic.co/kibana/kibana:7.2.0
environment:
ELASTICSEARCH_USERNAME: elastic
ELASTICSEARCH_PASSWORD: MagicWord
ELASTICSEARCH_URL: http://elasticsearch:9200
labels:
"funk.log.staticcontent": "{\"usage\": \"loganalyze\"}" # Static information to log application cases for example staging
"funk.searchindex": "kibana" # The index at your elasticseach db to collect logs from this container
elasticsearch: #Your Elasticsearchdb
image: elasticsearch:7.2.0
ports:
- 127.0.0.1:9200:9200
- 9300:9300
networks:
- elk
environment:
ELASTIC_USERNAME: elastic
ELASTIC_PASSWORD: MagicWord
xpack.security.enabled: "true"
xpack.ml.enabled: "true"
xpack.watcher.enabled: "true"
discovery.type: "single-node"
labels:
"funk.log": "false" #do not log this container
testhttpd: # An Example container. No JSON Logging... Call port 127.0.0.1:8080 to produce log entries
image: httpd
ports:
- 8080:80
labels:
"funk.searchindex": "httpd" # The index at your elasticseach db to collect logs from this container
"funk.log.formatRegex": "(?P<client_ip>(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) - - \\[(?P<time>.*)\\] \"(?P<methode>GET|POST|PUT|DELETE).*\" (?P<status_code>[0-9]{3}).*" # No JSON so this regex will separate the messages into different values see the submatiching
"funk.log.stats": "false" # No statslogging
"funk.log.geodatafromip": ".client_ip" # funk agent will use the ip and will try to find out geo information <- this will not find this in this example because its a private ip
networks:
elk:
external: true