In this integration filebeat will install in all servers where your application is deployed and filebeat will read and ship latest logs changes from these servers to Kafka topic as configured for this application.
Logstash will subscribe log lines from kafka topic and perform parsing on these lines make relevant changes, formatting, exclude and include fields then send this processed data to Elasticsearch Indexes as centralize location from different servers.
Kibana is linked with Elasticsearch indexes which will help to do analysis by search, charts and dashboards .
git clone https://github.com/eunsour/docker-efk.git
docker-compose up -d --build-
Access Kibana → Stack Management → Index Patterns
-
Create Index Pattern → Input index pattern name (ex. filebeat-es-*.log)
-
Select @timestamp
-
Kibana → Analytics → Check your dashboard in Discover
