marcio-azevedo · July 21, 2017 22:29
diff --git a/elk-docker-cheat-sheet.sh b/elk-docker-cheat-sheet.sh
 # based on http://elk-docker.readthedocs.io/ image

 # get elk image - https://hub.docker.com/r/sebp/elk/ - just for the 1st get
 # sudo docker pull sebp/elk

 # run elk container - just for the 1st container creation
 # sudo docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -it --name elk sebp/elk

 # --
 # if using elasticsearch official docker image fix issue with elasticsearch container memory problem
 # $ sudo sysctl -w vm.max_map_count=262144

 # check running containers
 # or http://localhost:9000/ - https://github.com/kevana/ui-for-docker
 # $ sudo docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock uifd/ui-for-docker
 sudo docker ps

 # check created contrainers (running or not)
 sudo docker ps -a

 # delete a container
 # $ sudo docker rm <contairner id>

 # create container based on official image run https://hub.docker.com/_/elasticsearch/
 sudo docker run --name es -p 9200:9200 -p 9300:9300 -d elasticsearch -v

 # create container based on official image run https://hub.docker.com/_/kibana/
 sudo docker run --name kibana --link es:elasticsearch -p 5601:5601 -d kibana

 # start existing container
 sudo docker start es
 sudo docker start kibana

 # Kibana interface - http://localhost:5601/
 # Logstash Beats interface - http://localhost:5044/
 # Elasticsearch JSON interface - http://localhost:9200/
 # Elasticsearch transport interface - http://localhost:9300/

 # access container terminal
 sudo docker exec -i -t es /bin/bash
 sudo docker exec -i -t kibana /bin/bash

 # install X-PACK https://www.elastic.co/products/x-pack/security
 cd /usr/share/elasticsearch/
 bin/elasticsearch-plugin install x-pack
 bin/elasticsearch-plugin remove x-pack

 cd /usr/share/kibana/
 bin/kibana-plugin install x-pack
 bin/kibana-plugin remove x-pack

 # Navigate to Kibana at http://localhost:5601/
 # Log in as the built-in user (elastic:changeme)
 # more details here https://www.elastic.co/guide/en/x-pack/current/xpack-introduction.html

 # if using elk in a docker image inside a virtualbox vm, use IP 10.0.2.2 to access Host IP

 # sudo docker cp logstash-mssqlserver.PerformanceLogs.conf elk:/opt/logstash/bin/
 # docker cp mycontainer:/foo.txt foo.txt
	# based on http://elk-docker.readthedocs.io/ image

	# get elk image - https://hub.docker.com/r/sebp/elk/ - just for the 1st get
	# sudo docker pull sebp/elk

	# run elk container - just for the 1st container creation
	# sudo docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -it --name elk sebp/elk

	# --
	# if using elasticsearch official docker image fix issue with elasticsearch container memory problem
	# $ sudo sysctl -w vm.max_map_count=262144

	# check running containers
	# or http://localhost:9000/ - https://github.com/kevana/ui-for-docker
	# $ sudo docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock uifd/ui-for-docker
	sudo docker ps

	# check created contrainers (running or not)
	sudo docker ps -a

	# delete a container
	# $ sudo docker rm <contairner id>

	# create container based on official image run https://hub.docker.com/_/elasticsearch/
	sudo docker run --name es -p 9200:9200 -p 9300:9300 -d elasticsearch -v

	# create container based on official image run https://hub.docker.com/_/kibana/
	sudo docker run --name kibana --link es:elasticsearch -p 5601:5601 -d kibana

	# start existing container
	sudo docker start es
	sudo docker start kibana

	# Kibana interface - http://localhost:5601/
	# Logstash Beats interface - http://localhost:5044/
	# Elasticsearch JSON interface - http://localhost:9200/
	# Elasticsearch transport interface - http://localhost:9300/

	# access container terminal
	sudo docker exec -i -t es /bin/bash
	sudo docker exec -i -t kibana /bin/bash

	# install X-PACK https://www.elastic.co/products/x-pack/security
	cd /usr/share/elasticsearch/
	bin/elasticsearch-plugin install x-pack
	bin/elasticsearch-plugin remove x-pack

	cd /usr/share/kibana/
	bin/kibana-plugin install x-pack
	bin/kibana-plugin remove x-pack

	# Navigate to Kibana at http://localhost:5601/
	# Log in as the built-in user (elastic:changeme)
	# more details here https://www.elastic.co/guide/en/x-pack/current/xpack-introduction.html

	# if using elk in a docker image inside a virtualbox vm, use IP 10.0.2.2 to access Host IP

	# sudo docker cp logstash-mssqlserver.PerformanceLogs.conf elk:/opt/logstash/bin/
	# docker cp mycontainer:/foo.txt foo.txt