Maddosaurus/docker-compose.yml

## docker-compose.yml
# This config assumes docker-elk as Elastic Stack base.
# See https://github.com/deviantony/docker-elk

version: '3'

services:
  cowrie:
    restart: "always"
    image: cowrie/cowrie
    ports:
      - "2222:2222"
      - "2223:2223"
    volumes:
      - "./cowrie-log:/cowrie/cowrie-git/var/log/cowrie"
      #- ./cowrie-etc:/cowrie/cowrie-git/etc

  filebeat:
    image: docker.elastic.co/beats/filebeat:7.4.2
    environment:
      - setup.kibana.host=kibana:5601
      - output.elasticsearch.hosts=["elasticsearch:9200"]
    volumes:
      - "./cowrie-log:/data/cowrie:ro"
      - "./filebeat.docker.yml:/usr/share/filebeat/filebeat.yml:ro"
    networks:
      - docker-elk_elk

networks:
  docker-elk_elk:
    external: true

## filebeat-docker.yml
filebeat.inputs:
- type: log
  paths:
    - /data/cowrie/cowrie.json
  json.keys_under_root: true
  json.add_error_key: true

output.elasticsearch:
  hosts: '${ELASTICSEARCH_HOSTS:elasticsearch:9200}'
  username: 'elastic_username_here'
  password: 'elastic_password_here'
	# This config assumes docker-elk as Elastic Stack base.
	# See https://github.com/deviantony/docker-elk

	version: '3'

	services:
	cowrie:
	restart: "always"
	image: cowrie/cowrie
	ports:
	- "2222:2222"
	- "2223:2223"
	volumes:
	- "./cowrie-log:/cowrie/cowrie-git/var/log/cowrie"
	#- ./cowrie-etc:/cowrie/cowrie-git/etc

	filebeat:
	image: docker.elastic.co/beats/filebeat:7.4.2
	environment:
	- setup.kibana.host=kibana:5601
	- output.elasticsearch.hosts=["elasticsearch:9200"]
	volumes:
	- "./cowrie-log:/data/cowrie:ro"
	- "./filebeat.docker.yml:/usr/share/filebeat/filebeat.yml:ro"
	networks:
	- docker-elk_elk

	networks:
	docker-elk_elk:
	external: true
	filebeat.inputs:
	- type: log
	paths:
	- /data/cowrie/cowrie.json
	json.keys_under_root: true
	json.add_error_key: true

	output.elasticsearch:
	hosts: '${ELASTICSEARCH_HOSTS:elasticsearch:9200}'
	username: 'elastic_username_here'
	password: 'elastic_password_here'