目的是实验证,只用于收集日志开发调试
docker run --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" registry.cn-hangzhou.aliyuncs.com/uv/elasticsearch:7.2.0
docker run --link elasticsearch:elasticsearch -p 5601:5601 registry.cn-hangzhou.aliyuncs.com/uv/kibana:7.2.0
docker run --name=filebeat --user=root \
--volume="$(pwd)/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro" \
--volume="/var/lib/docker/containers:/var/lib/docker/containers:ro" \
--volume="/var/run/docker.sock:/var/run/docker.sock:ro" \
registry.cn-hangzhou.aliyuncs.com/uv/filebeat:7.2.0 filebeat -e -strict.perms=false \
-E output.elasticsearch.hosts=["172.17.13.5:9200"]
filebeat.yml
filebeat.config:
modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
filebeat.autodiscover:
providers:
- type: docker
hints.enabled: true
processors:
- add_cloud_metadata: ~