# Install Log Agent on Docker Before installing the agent on the operating systems we support below, you need to download the certificate according to the instructions at [Initialize Certificate](https://docs-vngcloud-vn.translate.goog/vng-cloud-document/v/vn/vmonitor/dashboards/logs/lam-viec-voi-log-agent/khoi-tao-certificate) . Information on setting up the agent is in the readme file, and the instruction scripts are also in the downloaded certificate file. Use this information with the instructions below to complete Agent for Log setup. **Setting** FilebeatLogstash * Download images

Copy

docker pull docker.elastic.co/beats/filebeat:8.7.0
*** * [Download the certificate](https://vngctech.atlassian.net/wiki/spaces/VP/pages/847970312) to get user authentication information * If using the prepared script in the download folder, run the command: * In the setup example below, we will mount `/var/log/app.log`an agent installed using docker to push logs to the system

Copy

docker compose up -d -f docker-compose.yml
The configuration files below have been prepared by us in the script when downloading the certificate. The description below helps readers imagine what it would be like if we created a manual. **Configuration**
  • Filedocker-compose.yml
  • File filebeat.yml. The configuration below will retrieve all logs written to file /var/log/app.logfor vMonitor Platform:
  • Note: the $ variables BOOTSTRAP_SERVERS, $TOPICabove are already in container.envthe file in the downloaded certificate folder.

Copy

version: "3"
services:
  filebeat-agent-vmonitor:
    image: docker.elastic.co/beats/filebeat:8.7.0
    container_name: filebeat-agent-vmonitor
    restart: always
    env_file:
      - container.env
    volumes:
      -  $PWD/filebeat.yml:/usr/share/filebeat/filebeat.yml
      -  $PWD/VNG.trust.pem:/usr/share/filebeat/VNG.trust:rw
      -  $PWD/user.cer.pem:/usr/share/filebeat/user.cer.pem:rw
      -  $PWD/user.key.pem:/usr/share/filebeat/user.key.pem:rw
      -  /var/log/app.log:/var/log/app.log:ro
      -  /var/log/filebeat/:/var/log/filebeat/
    logging:
      driver: "json-file"
      options:
        max-size: "50m"
    deploy:
      resources:
         limits:
           cpus: '1'
           memory: 2G

Copy

filebeat.inputs:
- type: log
  paths:
    - /var/log/app.log
output.kafka:
hosts: ${BOOTSTRAP_SERVERS}
topic: ${TOPIC}
partition.round_robin:
reachable_only: false
required_acks: 1
compression: gzip
max_message_bytes: 1000000
ssl.certificate_authorities:
- /usr/share/filebeat/VNG.trust
ssl.certificate: /usr/share/filebeat/user.cer.pem
ssl.key: /usr/share/filebeat/user.key.pem
ssl.verification_mode: "none"
logging.level: info
logging.to_files: true
logging.files:
path: /var/log/filebeat
name: filebeat
keepfiles: 7
permissions: 0644

Copy

version: "3"
services:
filebeat-agent-vmonitor:
image: docker.elastic.co/beats/filebeat:8.7.0
container_name: filebeat-agent-vmonitor
restart: always
env_file:
- container.env
volumes:
-  $PWD/filebeat.yml:/usr/share/filebeat/filebeat.yml
-  $PWD/VNG.trust.pem:/usr/share/filebeat/VNG.trust:rw
-  $PWD/user.cer.pem:/usr/share/filebeat/user.cer.pem:rw
-  $PWD/user.key.pem:/usr/share/filebeat/user.key.pem:rw
-  /var/log/app.log:/var/log/app.log:ro
-  /var/log/filebeat/:/var/log/filebeat/
logging:
driver: "json-file"
options:
max-size: "50m"
deploy:
resources:
limits:
cpus: '1'
memory: 2G

Copy

filebeat.inputs:
type: log
paths:
/var/log/app.log
output.kafka:
hosts: ${BOOTSTRAP_SERVERS}
topic: ${TOPIC}
partition.round_robin:
reachable_only: false
required_acks: 1
compression: gzip
max_message_bytes: 1000000
ssl.certificate_authorities:
/usr/share/filebeat/VNG.trust
ssl.certificate: /usr/share/filebeat/user.cer.pem
ssl.key: /usr/share/filebeat/user.key.pem
ssl.verification_mode: "none"
logging.level: info
logging.to_files: true
logging.files:
path: /var/log/filebeat
name: filebeat
keepfiles: 7
permissions: 0644

Copy

version: "3"
services:
filebeat-agent-vmonitor:
image: docker.elastic.co/beats/filebeat:8.7.0
container_name: filebeat-agent-vmonitor
restart: always
env_file:
container.env
volumes:
$PWD/filebeat.yml:/usr/share/filebeat/filebeat.yml
$PWD/VNG.trust.pem:/usr/share/filebeat/VNG.trust:rw
$PWD/user.cer.pem:/usr/share/filebeat/user.cer.pem:rw
$PWD/user.key.pem:/usr/share/filebeat/user.key.pem:rw
/var/log/app.log:/var/log/app.log:ro
/var/log/filebeat/:/var/log/filebeat/
logging:
driver: "json-file"
options:
max-size: "50m"
deploy:
resources:
limits:
cpus: '1'
memory: 2G

Copy

filebeat.inputs:
type: log
paths:
/var/log/app.log
output.kafka:
hosts: ${BOOTSTRAP_SERVERS}
topic: ${TOPIC}
partition.round_robin:
reachable_only: false
required_acks: 1
compression: gzip
max_message_bytes: 1000000
ssl.certificate_authorities:
/usr/share/filebeat/VNG.trust
ssl.certificate: /usr/share/filebeat/user.cer.pem
ssl.key: /usr/share/filebeat/user.key.pem
ssl.verification_mode: "none"
logging.level: info
logging.to_files: true
logging.files:
path: /var/log/filebeat
name: filebeat
keepfiles: 7
permissions: 0644
*** **Administration** FilebeatLogstash
  • Stop
  • Reload
  • Restart
  • Observe
  • Uninstall

Copy

docker stop filebeat

Copy

docker kill --signal=HUP filebeat

Copy

docker restart filebeat

Copy

docker logs --tail 100 -f filebeat

Copy

docker rm filebeat

Copy

docker stop filebeat

Copy

docker kill --signal=HUP filebeat

Copy

docker restart filebeat

Copy

docker logs --tail 100 -f filebeat

Copy

docker rm filebeat

Copy

docker stop filebeat

Copy

docker kill --signal=HUP filebeat

Copy

docker restart filebeat

Copy

docker logs --tail 100 -f filebeat

Copy

docker rm filebeat
*** Before performing agent installation on the operating systems we support below, you need to [Initialize Certificate](https://docs-vngcloud-vn.translate.goog/vng-cloud-document/v/vn/vmonitor/dashboards/logs/lam-viec-voi-log-agent/khoi-tao-certificate) . The setup agent instructions are in the readme file, the script instructions are also in the downloaded certificate file. Use this information with the instructions below to complete Agent for Log setup.