Log Monitoring with Elasticsearch, Fluent-bit, Kibana
# Bridge network that every container in this walkthrough is attached to.
docker network create --driver bridge efk-network
# Named local volume that is mounted as the Elasticsearch data directory.
docker volume create --driver local elastic_data
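# NGINX is the log source. The host directory ./nginx_logs is mounted over
# /var/log/nginx so the same files can be mounted into the Fluent Bit
# container.
# "$(pwd)" is quoted so a working directory containing spaces or glob
# characters does not split the -v argument.
# NOTE(review): -p 8080:80 publishes the site on every host interface; use
# 127.0.0.1:8080:80 instead if it should only be reachable from this machine.
docker run \
  -d \
  --name nginx \
  --network efk-network \
  -v "$(pwd)/nginx_logs:/var/log/nginx" \
  -p 8080:80 \
  nginx:1.26.0-alpine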
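# Fluent Bit reads the NGINX logs from the shared ./nginx_logs directory and
# processes them as described in fluent-bit.conf / parsers.conf (neither file
# is shown on this page).
# Changes from the original command:
#   - "$(pwd)" is quoted so paths with spaces do not split the -v arguments.
#   - Both config files are mounted read-only (:ro); the container only needs
#     to read them, and a compromised or misbehaving collector then cannot
#     rewrite its own configuration on the host.
# NOTE(review): the log directory could be mounted :ro as well, unless
# fluent-bit.conf keeps the tail input's position database inside it; confirm
# against the config before tightening.
docker run -d \
  --name fluent_bit \
  --restart always \
  --network efk-network \
  -v "$(pwd)/fluent-bit.conf:/fluent-bit/etc/fluent-bit.conf:ro" \
  -v "$(pwd)/parsers.conf:/fluent-bit/parsers.conf:ro" \
  -v "$(pwd)/nginx_logs:/var/log/nginx" \
  fluent/fluent-bit:3.0.6 \
  fluent-bit \
  -c /fluent-bit/etc/fluent-bit.conf \
  -R /fluent-bit/parsers.conf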
# Single-node Elasticsearch; its data directory lives in the elastic_data
# volume. No -p option is given, so port 9200 is not published on the host
# and the node is reachable only from containers attached to efk-network.
# NOTE(review): xpack.security.enabled=false switches off authentication and
# TLS, so any container on efk-network can read, write or delete indices
# without credentials. That is acceptable for a throwaway local lab only.
# Keep 9200 unpublished, and before using this setup anywhere shared turn
# security back on and give Fluent Bit and Kibana their own credentials.
docker run \
  --detach \
  --restart always \
  --name elasticsearch \
  --network efk-network \
  --volume elastic_data:/usr/share/elasticsearch/data \
  --env discovery.type=single-node \
  --env xpack.security.enabled=false \
  docker.elastic.co/elasticsearch/elasticsearch:8.13.4
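# Kibana UI, pointed at the Elasticsearch container by its network name.
# Changes from the original command:
#   - The image name is on its own line. In the original it followed "\ " on
#     the same line, which escapes the space instead of continuing the line,
#     so docker received an image reference with a leading space and
#     rejected it.
#   - The port is published on 127.0.0.1 only. Elasticsearch security is
#     disabled in this walkthrough, so Kibana has no login: anyone who can
#     reach port 5601 can browse the logs and manage the cluster through it.
#     Binding to loopback matches the "open http://localhost:5601" step;
#     widen the binding only behind an authenticating proxy or after
#     enabling Elasticsearch security.
docker run \
  -d \
  --name kibana \
  --network efk-network \
  -p 127.0.0.1:5601:5601 \
  --restart always \
  -e "ELASTICSEARCH_HOSTS=http://elasticsearch:9200" \
  docker.elastic.co/kibana/kibana:8.13.4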
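# Presumably the alternative to the individual docker run commands: start the
# whole stack from a docker-compose.yml in the current directory (the compose
# file is not shown on this page).
# The trailing "." from the original is dropped: positional arguments to
# "up" are service names, so "." makes the command fail with an unknown
# service error.
docker-compose up -d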
- Open http://localhost:5601 in your browser
- Go to Management -> Index Patterns -> Create Index Pattern (Kibana 8.x labels these Stack Management -> Data Views -> Create data view)
- Enter `nginx-log-*` and click Next
- Select `@timestamp` and click Create Index Pattern
- Go to Discover and you should see logs from NGINX