Elastic Logging Plugin configuration options
editElastic Logging Plugin configuration options
editThis functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
Use the following options to configure the Elastic Logging Plugin for Docker. You can
pass these options with the --log-opt
flag when you start a container, or
you can set them in the daemon.json
file for all containers.
Usage examples
editTo set configuration options when you start a container:
docker run --log-driver=elastic/elastic-logging-plugin:7.9.3 \ --log-opt endpoint="https://myhost:9200" \ --log-opt user="myusername" \ --log-opt password="mypassword" \ -it debian:jessie /bin/bash
To set configuration options for all containers in the daemon.json
file:
{ "log-driver" : "elastic/elastic-logging-plugin:7.9.3", "log-opts" : { "endpoint" : "https://myhost:9200", "user" : "myusername", "password" : "mypassword" } }
For more examples, see Usage examples.
Elastic Cloud options
editOption | Description |
---|---|
|
The Cloud ID found in the Elastic Cloud web console. This ID is used to resolve the Elastic Stack URLs when connecting to Elasticsearch Service on Elastic Cloud. |
|
The username and password combination for connecting to Elasticsearch Service on Elastic Cloud. The
format is |
Elasticsearch output options
editOption | Default | Description |
---|---|---|
|
|
The list of Elasticsearch nodes to connect to. Specify each node as a |
|
The basic authentication username for connecting to Elasticsearch. |
|
|
The basic authentication password for connecting to Elasticsearch. |
|
|
A format string
value that specifies the index to write events to when you’re using daily
indices. For example: |
|
Advanced: |
||
|
|
The number of seconds to wait before trying to reconnect to Elasticsearch after
a network error. After waiting |
|
|
The maximum number of seconds to wait before attempting to connect to Elasticsearch after a network error. |
|
Instead of using usernames and passwords, you can use API keys to secure communication with Elasticsearch. |
|
|
A format string value that specifies the ingest node pipeline to write events to. |
|
|
|
The http request timeout in seconds for the Elasticsearch request. |
|
The URL of the proxy to use when connecting to the Elasticsearch servers. The
value may be either a complete URL or a |
Configuring the local log
editThis plugin fully supports docker logs
, and it maintains a local copy of logs that can be read without a connection to Elasticsearch. The plugin mounts the /var/lib/docker
directory on the host to write logs to /var/log/containers
on the host. If you want to change the log location on the host, you must change the mount inside the plugin:
-
Disable the plugin:
docker plugin disable elastic/elastic-logging-plugin:7.9.3
-
Set the bindmount directory:
docker plugin set elastic/elastic-logging-plugin:7.9.3 LOG_DIR.source=NEW_LOG_LOCATION
-
Enable the plugin:
docker plugin enable elastic/elastic-logging-plugin:7.9.3
The local log also supports the max-file
, max-size
and compress
options that are a part of the Docker default file logger. For example:
docker run --log-driver=elastic/elastic-logging-plugin:7.9.3 \ --log-opt endpoint="myhost:9200" \ --log-opt user="myusername" \ --log-opt password="mypassword" \ --log-opt max-file=10 \ --log-opt max-size=5M \ --log-opt compress=true \ -it debian:jessie /bin/bash
In situations where logs can’t be easily managed, for example, you can also configure the plugin to remove log files when a container is stopped. This will prevent you from reading logs on a stopped container, but it will rotate logs without user intervention. To enable removal of logs for stopped containers, you must change the DESTROY_LOGS_ON_STOP
environment variable:
-
Disable the plugin:
docker plugin disable elastic/elastic-logging-plugin:7.9.3
-
Enable log removal:
docker plugin set elastic/elastic-logging-plugin:7.9.3 DESTROY_LOGS_ON_STOP=true
-
Enable the plugin:
docker plugin enable elastic/elastic-logging-plugin:7.9.3