added log rotation to ELK logs (see #38)

spujadas · Apr 29, 2016 · 24b3e2d · 24b3e2d
1 parent c42aed8
commit 24b3e2d
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 0 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -119,6 +119,16 @@ ADD ./nginx.pattern ${LOGSTASH_HOME}/patterns/nginx
 RUN chown -R logstash:logstash ${LOGSTASH_HOME}/patterns
 
 
+### configure logrotate
+
+ADD ./elasticsearch-logrotate /etc/logrotate.d/elasticsearch
+ADD ./logstash-logrotate /etc/logrotate.d/logstash
+ADD ./kibana-logrotate /etc/logrotate.d/kibana
+RUN chmod 644 /etc/logrotate.d/elasticsearch \
+ && chmod 644 /etc/logrotate.d/logstash \
+ && chmod 644 /etc/logrotate.d/kibana
+
+
 ###############################################################################
 #                                   START
 ###############################################################################

diff --git a/docs/index.md b/docs/index.md
@@ -656,6 +656,8 @@ If this still seems to fail, then you should have a look at:
 
 - ELK's logs, by `docker exec`'ing into the running container (see [Creating a dummy log entry](#creating-dummy-log-entry)) and checking Logstash's logs (located in `/var/log/logstash`), Elasticsearch's logs (in `/var/log/elasticsearch`), and Kibana's logs (in `/var/log/kibana`).
 
+	Note that ELK's logs are rotated daily and are deleted after a week, using logrotate. You can change this behaviour by overwriting the `elasticsearch`, `logstash` and `kibana` files in `/etc/logrotate.d`.  
+
 ## Reporting issues <a name="reporting-issues"></a>
 
 You can report issues with this image using [GitHub's issue tracker](https://github.com/spujadas/elk-docker/issues) (please avoid raising issues as comments on Docker Hub, if only for the fact that the notification system is broken at the time of writing so there's a fair chance that I won't see it for a while).

diff --git a/elasticsearch-logrotate b/elasticsearch-logrotate
@@ -0,0 +1,9 @@
+/var/log/elasticsearch/*.log {
+    daily
+    rotate 7
+    copytruncate
+    compress
+    delaycompress
+    missingok
+    notifempty
+}
diff --git a/kibana-logrotate b/kibana-logrotate
@@ -0,0 +1,9 @@
+/var/log/kibana/kibana4.log {
+    daily
+    rotate 7
+    copytruncate
+    compress
+    delaycompress
+    missingok
+    notifempty
+}
diff --git a/logstash-logrotate b/logstash-logrotate
@@ -0,0 +1,9 @@
+/var/log/logstash/*.err /var/log/logstash/*.log /var/log/logstash/*.stdout {
+    daily
+    rotate 7
+    copytruncate
+    compress
+    delaycompress
+    missingok
+    notifempty
+}