docker-compose and configuration for elastic stack

apache.conf

input 
{
	beats {
    	port => 5044
	}
	
}

filter
{
	grok{
		match => {
			"message" => "%{COMBINEDAPACHELOG}"
		}
	}
	mutate{
		convert => { "bytes" => "integer" }
	}
	date {
		match => [ "timestamp", "dd/MMM/YYYY:HH:mm:ss Z" ]
		locale => en
		remove_field => "timestamp"
	}
	geoip {
		source => "clientip"
	}
	useragent {
		source => "agent"
		target => "useragent"
	}
}

output
{
	stdout {
		codec => dots
	}

 	elasticsearch {
 		hosts => ["elasticsearch:9200"]
  	}
}

docker-compose.yml

---
version: '3.6'
services:

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.5.0

  logstash:
    image: docker.elastic.co/logstash/logstash:6.5.0
    command: logstash -f /user/share/logstash/pipeline/apache.conf
    volumes:
      - './data/apache.conf:/user/share/logstash/pipeline/apache.conf'
    depends_on: ['elasticsearch']

  filebeat:
    image: docker.elastic.co/beats/filebeat:6.5.0
    volumes:
      - './data/logs:/usr/share/data/logs:ro'
      - './data/filebeat.yml:/usr/share/filebeat/filebeat.yml'
    depends_on: ['logstash']

  kibana:
    image: docker.elastic.co/kibana/kibana:6.5.0
    ports: ['5601:5601']
    depends_on: ['elasticsearch']

filebeat.yml

filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /usr/share/data/logs/logs

output.logstash:
  hosts: ["logstash:5044"]