6. Logspout install - Alexandre-Guth/Elastic-Stack-FileBeat-Logspout GitHub Wiki

We used Logspout out of the box with the container image: bekt/logspout-logstash

You can find our docker-compose.yml here:

https://github.com/Alexandre-Guth/Elastic-Stack-FileBeat-Logspout/blob/master/Logspout/docker-compose.yml

All the configuration is made with the docker-compose file. I added a custom field in order to process the docker logs to a dedicated index. This line LOGSTASH_FIELDS: fileset.module=logspout in the Logspout docker-compose allows this output in Logstash:

output { if "logspout" in [fileset.module] { elasticsearch { hosts => ["127.0.0.1:9200"] index => "logspout-%{+YYYY.MM.dd}" }}}

Which will create every day an index named logspout-date_of_the_day