Elastic Stack Dockerfile

This repository contains a Dockerfile of the Elastic Stack.

Dependencies

Image Tags

$ docker images

REPOSITORY                    TAG                 VIRTUAL SIZE
blacktop/elastic-stack        latest              1.91GB
blacktop/elastic-stack        7.13                1.91GB
blacktop/elastic-stack        7.12                1.26GB
blacktop/elastic-stack        7.11                1.26GB
blacktop/elastic-stack        7.10                1.26GB
blacktop/elastic-stack        7.9                 1.16GB
blacktop/elastic-stack        7.8                 1.16GB
blacktop/elastic-stack        7.7                 1.15GB
blacktop/elastic-stack        7.6                 976MB
blacktop/elastic-stack        7.5                 856MB
blacktop/elastic-stack        7.4                 870MB
blacktop/elastic-stack        7.3                 880MB
blacktop/elastic-stack        7.2                 850MB
blacktop/elastic-stack        7.1                 850MB
blacktop/elastic-stack        7.0                 801MB
blacktop/elastic-stack        6.8                 801MB
blacktop/elastic-stack        6.7                 801MB
blacktop/elastic-stack        6.6                 1.13GB
blacktop/elastic-stack        6.5                 1.16GB
blacktop/elastic-stack        6.4                 668MB
blacktop/elastic-stack        6.3                 717MB
blacktop/elastic-stack        6.2                 698MB
blacktop/elastic-stack        6.1                 620MB
blacktop/elastic-stack        6.0                 561MB
blacktop/elastic-stack        5.6                 543MB
blacktop/elastic-stack        5.5                 537MB
blacktop/elastic-stack        5.4                 539MB
blacktop/elastic-stack        5.3                 538MB
blacktop/elastic-stack        geoip               558MB
blacktop/elastic-stack        5.2                 537MB
blacktop/elastic-stack        4.6                 450.9MB
blacktop/elastic-stack        3.1                 363.3MB

NOTE: tag geoip is the same as tag latest, but includes the ingest-geoip and the ingest-user-agent plugins.

Getting Started

$ docker run -d --name elstack -p 80:80 -p 9200:9200 blacktop/elastic-stack

Now Navigate To

With Docker for Mac : http://localhost
With docker-machine : http://$(docker-machine ip)
With docker-engine : $(docker inspect -f '{{ .NetworkSettings.IPAddress }}' elstack)

You can also use each part of the stack independently

Documentation

Known Issues ⚠️

I have noticed when running the new 5.0 version on a linux host you need to increase the memory map areas with the following command

echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
sudo sysctl -w vm.max_map_count=262144

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue

Credits

Heavily (if not entirely) influenced by all the elastic official docker images

Todo

Install/Run Elastic Stack
Start Daemon and watch folder with supervisord
Expose Logstash config folder as well as Nginx sites folder as Volumes
Build ES test data docker image
Add Nginx entrypoint to pass USER/PASS in as env vars
Add SSL (auto-create certs if not found)
Add back a 3.0 version of the stack (elk stack)
Integrate with Bro-IDS

blacktop/docker-elastic-stack

blacktop

Reviews

Repository Details