Skip to content

Instantly share code, notes, and snippets.

View robertsweetman's full-sized avatar
😎
automating all the things

Robert Sweetman robertsweetman

😎
automating all the things
3 followers · 4 following
View GitHub Profile
@robertsweetman
robertsweetman / keybase.md
Created August 31, 2022 10:59

Keybase proof

I hereby claim:

  • I am robertiansweetman on github.
  • I am robertsweetman (https://keybase.io/robertsweetman) on keybase.
  • I have a public key ASDlCOMAtGQo4wptr0qW9Dk90Ofr7w-6UrQwmv5aQ8xiJAo

To claim this, I am signing this object:

@robertsweetman
robertsweetman / Dockerfile
Last active June 11, 2021 22:27
Multi-stage Dockerfile for an Elasticsearch container which includes Kibana settings
ARG ELK_VERSION=7.6.2
FROM docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION} AS elasticbase
# copy index files to container
COPY ./elastic/index-templates /home/elasticsearch/index-templates/
# copy management scripts to container - required to send index-files to Elastisearch REST endpoint later
COPY << management script - not supplied in this gist >>
# script to check elasticsearch status before uploading settings
COPY ./check-ready.sh check-ready.sh
@robertsweetman
robertsweetman / pipeline.conf
Created May 31, 2019 22:57
Logstash pipeline config which also handles two Filebeat ingest nodes
# I started here: https://discuss.elastic.co/t/multiple-filebeats/153114/5
# however I found it quite confusing...
# In the end I managed to get this working (below)
# One 'pipeline.conf' creates 3 indexes, one of whose documents is being manipulated extensively (by logstash) before indexing
# the other 2 are using the Filebeat ingest node approach sending documents directly to elasticsearch
# filtering all relies on adding fields:type="value" to the filebeat config for each source of logs
# this is because the [@metadata][pipeline] approach as officially documented DOES NOT APPEAR TO WORK (YMMV)
input {