|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Mall||72,096||4 days ago||40||apache-2.0||Java|
|mall项目是一套电商系统，包括前台商城系统及后台管理系统，基于SpringBoot+MyBatis实现，采用Docker容器化部署。 前台商城系统包含首页门户、商品推荐、商品搜索、商品展示、购物车、订单流程、会员中心、客户服务、帮助中心等模块。 后台管理系统包含商品管理、订单管理、会员管理、促销管理、运营管理、内容管理、统计报表、财务管理、权限管理、设置等模块。|
|Docker Elk||16,032||3 days ago||6||mit||Shell|
|The Elastic stack (ELK) powered by Docker and Compose.|
|Logstash||13,764||659||691||8 hours ago||57||November 27, 2017||2,102||other||Java|
|Logstash - transport and process your logs, events, or other data|
|Mall Swarm||10,846||a month ago||25||apache-2.0||Java|
|mall-swarm是一套微服务商城系统，采用了 Spring Cloud 2021 & Alibaba、Spring Boot 2.7、Oauth2、MyBatis、Docker、Elasticsearch、Kubernetes等核心技术，同时提供了基于Vue的管理后台方便快速搭建系统。mall-swarm在电商业务的基础集成了注册中心、配置中心、监控中心、网关等系统功能。文档齐全，附带全套Spring Cloud教程。|
|Awesome Elasticsearch||4,616||4 months ago||2||unlicense|
|A curated list of the most important and useful resources about elasticsearch: articles, videos, blogs, tips and tricks, use cases. All about Elasticsearch!|
|Helk||3,618||3 years ago||37||gpl-3.0||Jupyter Notebook|
|The Hunting ELK|
|Elastiflow||2,309||2 years ago||1||other||Shell|
|Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack|
|Redelk||2,184||20 days ago||30||bsd-3-clause||Python|
|Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.|
|Elk Docker||2,123||15 days ago||9||other||Shell|
|Elasticsearch, Logstash, Kibana (ELK) Docker image|
|Dockerfile||2,053||2 years ago||1||mit||HTML|
|some personally made dockerfile|
Elktail is a command line utility to query and tail ELK (elasticsearch, logstash, kibana) logs. Even though it's powerful, using Kibana's web interface to search and analyse the logs is not always practical. Sometimes you just wish to
tail -f the logs that you normally view in kibana to see what's happening right now. Elktail allows you to do just that, and more. Tail the logs. Search for errors and specific events on commandline. Pipe the search results to any of the standard unix tools. Use it in scripts. Redirect the output to a file to effectively download a log from es / kibana etc...
For additional information and usage examples take a look at this post: Elktail - Command Line Tool for Tailing and Querying ELK Logs
Please feel free to use the Issue Tracker if you have any feature ideas or requests (and, of course, to report bugs).
Elktail major versions follow ElasticSearch versions. Here's the table indicating which version Elktail you should for your ElasticSearch install:
Elktail is written in Go language, and if you have Go installed, you can just type in:
go get github.com/knes1/elktail
This will automatically download, compile and install the latest version of the app.
After that you should have
elktail executable in your
elktail using homebrew packet manager type in the following in the Terminal:
brew tap knes1/tap
brew install elktail
You can also download the executable binary from the releases page.
elktail is invoked without any parameters, it will attempt to connect to ES instance at
localhost:9200 and tail the logs in the latest logstash index (index that matches pattern
logstash-[0-9].*), displaying the contents of
message field. If your logstash logs do not have
message field, you can change the output format using -f parameter. For example:
elktail -f '%@timestamp %log'
If ES instance's endpoint is not publicly available over the internet, you can also connect to it through ssh tunnel. For example, if ES instance is installed on elastic.example.com, but port 9200 is firewalled, you can connect through SSH Tunnel:
elktail -ssh elastic.example.com
Elktail will connect as current user to elastic.example.com and establish ssh tunnel to port 9200 and then connect to ES through it. You can also specifiy the ssh user, ssh port and tunnel local port (9199 by default) in the following format:
elktail -ssh [localport:][user@]sshhost.tld[:sshport]
Once you successsfully connect to ES,
elktail will remember connection parameters for future invocations. You can than invoke
elktail without any parameters and it will connect to the last ES server it successfully connected to previously.
For example, once you successfully connect to ES using:
elktail -url "http://elastic.example.com:9200"
You can then invoke
elktail without any parameters and it will again attempt to connect to
Configuration parameters for last successful connection are stored in
Elktail also supports ES query string searches as the argument. For example, in order to tail logs from host
myhost.example.com that have log level of ERROR you could do the following:
elktail host:myhost.example.com AND level:error
Elktail supports specifying date range in order to query the logs at specific times. You can specify the date range by using after
-a and before
-b options followed by the date. When specifying dates use the following format: YYYY-MM-ddTHH:mm:ss.SSS (e.g 2016-06-17T15:20:00.000). Time part is optional and you can ommit it (e.g. you can leave out seconds, miliseconds, or the whole time part and only specify the date).
Since tailing the logs when using date ranges does not really make sense, when you spacify date range options list-only mode will be implied and following is automatically disabled (e.g.
elktail will behave as if you specified
Logstash stores the logs in elasticsearch in one-per-day indices. When specifying date range,
elktail needs to search through appropriate indices depending on the dates selected. Currently, this will only work if your index name pattern contains dates in YYYY.MM.dd format (which is logstash's default).
Search for errors after 3PM, April 1st, 2016:
elktail -a 2016-04-01T15:00 level:error
Search for errors betweem 1PM and 3PM on July 1st, 2016:
elktail -a 2016-07-01T13:00 -b 2016-07-01T15:00 level:error
Options marked with (*) are saved between invocations of the command. Each time you specify an option marked with (*) previously stored settings are erased. --url "http://127.0.0.1:9200" (*) ElasticSearch URL -f, --format "%message" (*) Message format for the entries - field names are referenced using % sign, for example '%@timestamp %message' -i, --index-pattern "logstash-[0-9].*" (*) Index pattern - elktail will attempt to tail only the latest of logstash's indexes matched by the pattern -t, --timestamp-field "@timestamp" (*) Timestamp field name used for tailing entries -l, --list-only Just list the results once, do not follow -n "50" Number of entries fetched initially -a, --after List results after specified date (example: -a "2016-06-17T15:00") -b, --before List results before specified date (example: -b "2016-06-17T15:00") -s Save query terms - next invocation of elktail (without parameters) will use saved query terms. Any additional terms specified will be applied with AND operator to saved terms -u (*) Username for http basic auth, password is supplied over password prompt --ssh, --ssh-tunnel (*) Use ssh tunnel to connect. Format for the argument is [localport:][user@]sshhost.tld[:sshport] --v1 Enable verbose output (for debugging) --v2 Enable even more verbose output (for debugging) --v3 Same as v2 but also trace requests and responses (for debugging) --version, -v Print the version --help, -h Show help