From e3d3c7bdbc25f6efe867729fdd06a14f00c37ff3 Mon Sep 17 00:00:00 2001
From: Jan David Mol <mol@astron.nl>
Date: Wed, 31 Mar 2021 20:54:46 +0200
Subject: [PATCH] Added volume for persistent logging, added default kibana
 objects

---
 docker-compose/elk.yml                           | 5 +++++
 docker-compose/elk/Dockerfile                    | 5 +++++
 docker-compose/elk/kibana/default-objects.ndjson | 3 +++
 3 files changed, 13 insertions(+)
 create mode 100755 docker-compose/elk/kibana/default-objects.ndjson

diff --git a/docker-compose/elk.yml b/docker-compose/elk.yml
index 118a770eb..d61b52c3b 100644
--- a/docker-compose/elk.yml
+++ b/docker-compose/elk.yml
@@ -8,6 +8,9 @@
 #
 version: '2'
 
+volumes:
+  elk-data: {}
+
 services:
   elk-configure-host:
     image: elk-configure-host
@@ -22,6 +25,8 @@ services:
         context: elk
     container_name: ${CONTAINER_NAME_PREFIX}elk
     network_mode: ${NETWORK_MODE}
+    volumes:
+      - elk-data:/var/lib/elasticsearch
     ports:
       - "5601:5601" # kibana
       - "9200:9200" # elasticsearch
diff --git a/docker-compose/elk/Dockerfile b/docker-compose/elk/Dockerfile
index 5f23bc06b..c416cf181 100644
--- a/docker-compose/elk/Dockerfile
+++ b/docker-compose/elk/Dockerfile
@@ -9,4 +9,9 @@ ADD logstash /etc/logstash/
 # Provide our kibana config
 # See also https://www.elastic.co/guide/en/kibana/7.x/saved-objects-api-import.html
 # and https://github.com/Bitergia/archimedes
+#
+# For now, start the container and run in this directory
+#
+# $ curl -X POST http://localhost:5601/api/saved_objects/_import -H "kbn-xsrf: true" --form file=@kibana/default-objects.ndjson
+
 
diff --git a/docker-compose/elk/kibana/default-objects.ndjson b/docker-compose/elk/kibana/default-objects.ndjson
new file mode 100755
index 000000000..3c9f118b2
--- /dev/null
+++ b/docker-compose/elk/kibana/default-objects.ndjson
@@ -0,0 +1,3 @@
+{"attributes":{"fieldAttrs":"{\"level\":{\"count\":1},\"message\":{\"count\":1},\"program\":{\"count\":2}}","fields":"[]","timeFieldName":"@timestamp","title":"logstash-*"},"id":"5340ad20-923d-11eb-9cc8-2fc0b321a697","migrationVersion":{"index-pattern":"7.11.0"},"references":[],"type":"index-pattern","updated_at":"2021-03-31T18:16:04.716Z","version":"WzE0NiwxXQ=="}
+{"attributes":{"columns":["extra.device","level","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Last hour","version":1},"id":"cf4947d0-924f-11eb-9cc8-2fc0b321a697","migrationVersion":{"search":"7.9.3"},"references":[{"id":"5340ad20-923d-11eb-9cc8-2fc0b321a697","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2021-03-31T18:35:04.269Z","version":"WzE2NywxXQ=="}
+{"exportedCount":2,"missingRefCount":0,"missingReferences":[]}
\ No newline at end of file
-- 
GitLab