bump elk to 7.17.0 to support 8.0.1 in 22.x

2025-04-19 21:52:27 +00:00 · 2022-03-18 16:23:27 +00:00 · 2022-03-18 16:23:27 +00:00 · e2752458d4
commit e2752458d4
parent cac7cdcec6
6 changed files with 19 additions and 19 deletions
--- a/docker/elk/elasticsearch/Dockerfile
+++ b/docker/elk/elasticsearch/Dockerfile
@ -1,7 +1,7 @@
 FROM alpine:3.14
 #
 # VARS
-ENV ES_VER=7.16.2 \
+ENV ES_VER=7.17.0 \
    ES_JAVA_HOME=/usr/lib/jvm/java-16-openjdk
 # Include dist
--- a/docker/elk/kibana/Dockerfile
+++ b/docker/elk/kibana/Dockerfile
@ -1,7 +1,7 @@
-FROM node:16.13.0-alpine3.14
+FROM node:16.13.2-alpine3.14
 #
 # VARS
-ENV KB_VER=7.16.2
+ENV KB_VER=7.17.0
 # 
 # Include dist
 ADD dist/ /root/dist/
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@ -1,7 +1,7 @@
 FROM alpine:3.14
 #
 # VARS
-ENV LS_VER=7.16.2
+ENV LS_VER=7.17.0
 # Include dist
 ADD dist/ /root/dist/
 #
@ -32,11 +32,11 @@ RUN apk -U --no-cache add \
    rm -rf /usr/share/logstash/jdk && \
    # For some reason Alpine 3.14 does not report the -x flag correctly and thus elasticsearch does not find java
    sed -i 's/! -x/! -e/g' /usr/share/logstash/bin/logstash.lib.sh && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-filter-translate && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-filter-translate && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-input-http && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-input-http && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-output-gelf && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-gelf && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-output-http && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-http && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-output-syslog && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-syslog && \
 #
 # Add and move files
    cd /root/dist/ && \
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
@ -684,12 +684,12 @@ if "_jsonparsefailure" in [tags] { drop {} }
    geoip {
      cache_size => 10000
      source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
    }
    geoip {
      cache_size => 10000
      source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
    }
    translate {
      refresh_interval => 86400
@ -703,13 +703,13 @@ if "_jsonparsefailure" in [tags] { drop {} }
      cache_size => 10000
      source => "t-pot_ip_ext"
      target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
    }
    geoip {
      cache_size => 10000
      source => "t-pot_ip_ext"
      target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
    }
  }
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@ -684,12 +684,12 @@ if "_jsonparsefailure" in [tags] { drop {} }
    geoip {
      cache_size => 10000
      source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
    }
    geoip {
      cache_size => 10000
      source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
    }
    translate {
      refresh_interval => 86400
@ -703,13 +703,13 @@ if "_jsonparsefailure" in [tags] { drop {} }
      cache_size => 10000
      source => "t-pot_ip_ext"
      target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
    }
    geoip {
      cache_size => 10000
      source => "t-pot_ip_ext"
      target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
    }
  }
--- a/docker/elk/logstash/docker-compose.yml
+++ b/docker/elk/logstash/docker-compose.yml
@ -7,8 +7,8 @@ services:
    build: .
    container_name: logstash
    restart: always
-    environment:
+#    environment:
-     - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
+#     - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
 #    depends_on:
 #      elasticsearch:
 #        condition: service_healthy