bump elk to 7.17.0 to support 8.0.1 in 22.x

docker/elk/elasticsearch/Dockerfile

@@ -1,7 +1,7 @@
 FROM alpine:3.14
 #
 # VARS
-ENV ES_VER=7.16.2 \
+ENV ES_VER=7.17.0 \
     ES_JAVA_HOME=/usr/lib/jvm/java-16-openjdk
 
 # Include dist

docker/elk/kibana/Dockerfile

@@ -1,7 +1,7 @@
-FROM node:16.13.0-alpine3.14
+FROM node:16.13.2-alpine3.14
 #
 # VARS
-ENV KB_VER=7.16.2
+ENV KB_VER=7.17.0
 # 
 # Include dist
 ADD dist/ /root/dist/

docker/elk/logstash/Dockerfile

@@ -1,7 +1,7 @@
 FROM alpine:3.14
 #
 # VARS
-ENV LS_VER=7.16.2
+ENV LS_VER=7.17.0
 # Include dist
 ADD dist/ /root/dist/
 #
@@ -32,11 +32,11 @@ RUN apk -U --no-cache add \
     rm -rf /usr/share/logstash/jdk && \
     # For some reason Alpine 3.14 does not report the -x flag correctly and thus elasticsearch does not find java
     sed -i 's/! -x/! -e/g' /usr/share/logstash/bin/logstash.lib.sh && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-filter-translate && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-input-http && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-output-gelf && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-output-http && \
-    /usr/share/logstash/bin/logstash-plugin install logstash-output-syslog && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-filter-translate && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-input-http && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-gelf && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-http && \
+    /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-syslog && \
 #
 # Add and move files
     cd /root/dist/ && \

docker/elk/logstash/dist/http_output.conf

@@ -684,12 +684,12 @@ if "_jsonparsefailure" in [tags] { drop {} }
     geoip {
       cache_size => 10000
       source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
     }
     geoip {
       cache_size => 10000
       source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
     }
     translate {
       refresh_interval => 86400
@@ -703,13 +703,13 @@ if "_jsonparsefailure" in [tags] { drop {} }
       cache_size => 10000
       source => "t-pot_ip_ext"
       target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
     }
     geoip {
       cache_size => 10000
       source => "t-pot_ip_ext"
       target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
     }
   }
 

docker/elk/logstash/dist/logstash.conf

@@ -684,12 +684,12 @@ if "_jsonparsefailure" in [tags] { drop {} }
     geoip {
       cache_size => 10000
       source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
     }
     geoip {
       cache_size => 10000
       source => "src_ip"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
     }
     translate {
       refresh_interval => 86400
@@ -703,13 +703,13 @@ if "_jsonparsefailure" in [tags] { drop {} }
       cache_size => 10000
       source => "t-pot_ip_ext"
       target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb"
     }
     geoip {
       cache_size => 10000
       source => "t-pot_ip_ext"
       target => "geoip_ext"
-      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb"
+      database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb"
     }
   }
 

docker/elk/logstash/docker-compose.yml

@@ -7,8 +7,8 @@ services:
     build: .
     container_name: logstash
     restart: always
-    environment:
-     - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
+#    environment:
+#     - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
 #    depends_on:
 #      elasticsearch:
 #        condition: service_healthy