ELK Stack in Two Commands — docker-elk Overview for a Quick Start
Sound familiar: your application generates gigabytes of logs, and finding something important in them with grep is like finding a needle in a haystack? Or maybe you want to quickly throw together a monitoring system prototype, but the thought of hours spent configuring Elasticsearch, Logstash, and Kibana makes you shelve the idea for later? If so, I have great news for you.
Today we'll look at a project that has become a real lifesaver for me — deviantony/docker-elk. This repository lets you deploy a full ELK stack locally in just a couple of commands.
What kind of beast is this docker-elk?
In short, docker-elk is a ready-to-use set of Docker Compose configurations that spins up the three pillars of the Elastic ecosystem: Elasticsearch, Logstash, and Kibana. All components are based on official images from Elastic, which guarantees up-to-date versions and stability.
But the main beauty of this project isn't that. The author follows a philosophy that really resonates with me: good documentation is more important than complex automation. The repository doesn't try to be a one-size-fits-all production solution. Instead, it's a minimalist and clear template designed for experimentation, learning, and rapid development. No "black boxes" or hidden magic — just straightforward configs and clear instructions.
Why should you pay attention to it?
Let's break down the key points that make this project so convenient.
1. Launch in Two Commands
Seriously, this isn't an exaggeration. Once the repository is cloned, launching the entire stack takes just two commands in the terminal:
First, clone the repository and change into it:
git clone https://github.com/deviantony/docker-elk.git
cd docker-elk
Then initialize users and settings:
docker compose up setup
And finally, launch the stack itself:
docker compose up
That's it! In a minute or two, you'll find a ready-to-use Kibana interface waiting for you at http://localhost:5601.

2. Pain-Free Configuration
Want to change something? Easy. Each component's configuration is in a separate file:
- elasticsearch/config/elasticsearch.yml
- kibana/config/kibana.yml
- logstash/config/logstash.yml
You can edit them directly or, even more conveniently, override parameters via environment variables right in docker-compose.yml. For example, if you need to give Logstash more memory, just add a few lines to its section:
logstash:
  environment:
    LS_JAVA_OPTS: -Xms1g -Xmx1g
This approach lets you quickly adapt the stack to your needs without diving deep into documentation.
3. Simple Version Management
Another cool feature is the ability to easily switch between ELK versions. All the magic happens in one file — .env. Want to test your application with the latest Elastic version? Just change the value of the ELASTIC_VERSION variable and rebuild the images:
# .env
ELASTIC_VERSION=9.2.1
This is incredibly convenient when you need to check compatibility or prepare for migrating to a new stack version.
4. Out-of-the-Box Extensibility
The project doesn't limit you to a standard feature set. Need to add a Logstash plugin to parse a specific log format? Just add one line to logstash/Dockerfile, rebuild the image, and you're done.
# logstash/Dockerfile
...
# Add your plugins here
# Example:
# RUN logstash-plugin install logstash-filter-json
Where can this be useful in practice?
I find docker-elk useful in several scenarios:
- Local development. When you're writing a service that actively works with logs, having Kibana at hand for analysis and debugging is extremely convenient. No need to stare at console output for hours — everything is visual and interactive.
- Learning and experiments. This is an ideal "sandbox" for anyone who wants to get acquainted with the Elastic Stack. You can break, fix, test complex queries, and learn how components interact with each other without any consequences.
- Rapid prototyping. Got an idea to collect and visualize some data? With docker-elk, you can test a hypothesis in half an hour, whip up dashboards in Kibana, and see if it's worth pursuing further before investing in full-blown infrastructure.
An important nuance: this isn't for production!
The repository authors honestly warn you: don't use this configuration for production servers as-is. It's intentionally simplified for development convenience. For example, it disables some important Elasticsearch security checks that are mandatory for production.
Think of docker-elk as a starter template, a construction kit that you can and should customize if you plan to deploy it to production.
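A first customization step is a pre-flight check of .env before the stack is reachable by anyone but you. The script below is an added example, not part of docker-elk; it assumes passwords live in variables ending in _PASSWORD with a shipped default of changeme (names and values not shown on this page), and it runs against a constructed sample file.

```sh
#!/bin/sh
# Pre-flight check for a docker-elk style .env file (added example).
# Assumption: stack passwords live in variables named *_PASSWORD and the
# shipped default value is "changeme"; verify against your own checkout.

# audit_env FILE: print one finding per line; return 0 if clean, 1 otherwise.
audit_env() {
    env_file=$1
    findings=0

    # ELASTIC_VERSION should name one exact release (x.y.z), so every
    # rebuild pulls the same images.
    version=$(sed -n 's/^ELASTIC_VERSION=//p' "$env_file" | tr -d "\"'" | tail -n 1)
    if ! printf '%s\n' "$version" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$'; then
        echo "ELASTIC_VERSION is '$version', expected an exact x.y.z release"
        findings=$((findings + 1))
    fi

    # Any password still at the default is a finding. Empty values are
    # skipped: they are treated here as "user not configured".
    while IFS='=' read -r name value; do
        [ -n "$name" ] || continue
        value=$(printf '%s' "$value" | tr -d "\"'")
        if [ "$value" = "changeme" ]; then
            echo "$name still has the default value"
            findings=$((findings + 1))
        fi
    done <<EOF
$(grep -E '^[A-Z0-9_]+_PASSWORD=' "$env_file")
EOF

    [ "$findings" -eq 0 ]
}

# Constructed sample input, not the repository's real file.
sample_env=$(mktemp)
cat > "$sample_env" <<'EOF'
ELASTIC_VERSION=9.2.1
ELASTIC_PASSWORD='changeme'
LOGSTASH_INTERNAL_PASSWORD='constructed-long-random-value'
KIBANA_SYSTEM_PASSWORD='changeme'
EOF
audit_env "$sample_env" || echo "Change the values above before exposing the stack."
rm -f "$sample_env"
```

Point audit_env at the .env in your checkout and run it before docker compose up setup, since that step initializes the users.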
docker-elk is a great example of how a simple tool can save you a ton of time and nerves. It lowers the barrier to entry into the Elastic Stack world to a minimum and gives developers a convenient and powerful "sandbox" for solving everyday tasks.
If you frequently work with logs, deal with monitoring, or simply want to broaden your horizons, I strongly recommend bookmarking this repository. I'm confident it will come in handy more than once.