Public | Automated Build

Last pushed: 22 days ago
Short Description
Collect, search and visualise log data with Elasticsearch, Logstash, and Kibana.
Full Description

Elasticsearch, Logstash, Kibana (ELK) Docker image

This Docker image provides a convenient centralised log server and log management web interface, by packaging Elasticsearch, Logstash, and Kibana, collectively known as ELK.

The following tags are available:

  • latest, 520: Elasticsearch 5.2.0, Logstash 5.2.0, and Kibana 5.2.0.

  • 512: Elasticsearch 5.1.2, Logstash 5.1.2, and Kibana 5.1.2.

  • 511: Elasticsearch 5.1.1, Logstash 5.1.1, and Kibana 5.1.1.

  • 502: Elasticsearch 5.0.2, Logstash 5.0.2, and Kibana 5.0.2.

  • es501_l501_k501: Elasticsearch 5.0.1, Logstash 5.0.1, and Kibana 5.0.1.

  • es500_l500_k500: Elasticsearch 5.0.0, Logstash 5.0.0, and Kibana 5.0.0.

  • es241_l240_k461: Elasticsearch 2.4.1, Logstash 2.4.0, and Kibana 4.6.1.

  • es240_l240_k460: Elasticsearch 2.4.0, Logstash 2.4.0, and Kibana 4.6.0.

  • es235_l234_k454: Elasticsearch 2.3.5, Logstash 2.3.4, and Kibana 4.5.4.

  • es234_l234_k453: Elasticsearch 2.3.4, Logstash 2.3.4, and Kibana 4.5.3.

  • es234_l234_k452: Elasticsearch 2.3.4, Logstash 2.3.4, and Kibana 4.5.2.

  • es233_l232_k451: Elasticsearch 2.3.3, Logstash 2.3.2, and Kibana 4.5.1.

  • es232_l232_k450: Elasticsearch 2.3.2, Logstash 2.3.2, and Kibana 4.5.0.

  • es231_l231_k450: Elasticsearch 2.3.1, Logstash 2.3.1, and Kibana 4.5.0.

  • es230_l230_k450: Elasticsearch 2.3.0, Logstash 2.3.0, and Kibana 4.5.0.

  • es221_l222_k442: Elasticsearch 2.2.1, Logstash 2.2.2, and Kibana 4.4.2.

  • es220_l222_k441: Elasticsearch 2.2.0, Logstash 2.2.2, and Kibana 4.4.1.

  • es220_l220_k440: Elasticsearch 2.2.0, Logstash 2.2.0, and Kibana 4.4.0.

  • E1L1K4: Elasticsearch 1.7.3, Logstash 1.5.5, and Kibana 4.1.2.

Note – See the documentation page for more information on pulling specific combinations of versions of Elasticsearch, Logstash and Kibana.


See the ELK Docker image documentation web page for complete instructions on how to use this image.

Docker Hub

This image is hosted on Docker Hub at


Written by Sébastien Pujadas, released under the Apache 2 license.

Docker Pull Command
Source Repository

Comments (71)
14 hours ago

@oscardiedrichs Sorry to hear about that. Unfortunately I don't have access to a Mac so I can't help, but I do understand that users have run this image on Macs successfully.
Hope someone sees this and points you in the right direction.

14 days ago

Sadly all releases seem to be utterly broken on Docker for Mac.

Tried setting the "vm.max_map_count=262144" but still ES fails to start.

Kibana comes up but red lines since it can't connect to ES.

Tried the 520 version on a linux machine and it works, so the issue is clearly related to Docker for Mac stupid design.

Tried running ES "official" version, and it works, so I'm trying to figure out what they are doing to make it work.

a month ago

@cuthbeorht At first glance, this looks like a generic (non-Docker-specific) issue, so you'd have a better chance of getting answers over at

a month ago


I'm running into an issue in our ELK setup using this image. I set it up using docker-compose and am exposing the following ports:

  - "5601:5601"
  - "9200:9200"
  - "5044:5044"
  - "9300:9300"
  - "5959:5959/udp"

However, in my docker logs, the following shows up after 24-36 hours:

[2017-01-19T23:03:08,369][INFO ][logstash.inputs.syslog ] Starting syslog udp listener {:address=>""}
[2017-01-19T23:03:08,370][WARN ][logstash.inputs.syslog ] syslog listener died {:protocol=>:udp, :address=>"", :exception=>#<SocketError: bind: name or service not known>, :backtrace=>["org/jruby/ext/socket/ bind'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-3.2.0/lib/logstash/inputs/syslog.rb:141:inudp_listener'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-3.2.0/lib/logstash/inputs/syslog.rb:122:in server'", "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-3.2.0/lib/logstash/inputs/syslog.rb:102:inrun'"]}

I see Logstash trying to connect on port 5959 over and over. This prevents Logstash from receiving logs via port 5959. Can anyone provide any insight as to what's going on?

Thank you.

a month ago

@cecchisandrone No idea I'm afraid, but as this is a non-Docker-specific issue, I'd suggest that you head over to to get help with this one.

a month ago

Thanks for your answer @sebp. I found what you said but when I try to execute gosu elasticsearch bin/plugin install x-pack --batch I have: Trying ...
ERROR: failed to download out of all possible locations..., use --verbose to get detailed information
ERROR: Service 'elk' failed to build: The command '/bin/sh -c gosu elasticsearch bin/plugin install x-pack --batch' returned a non-zero code: 74. Do you know if there is a new location for it?

a month ago

@cecchisandrone The published version of the documentation applies to the latest tag (which is indeed ELK 5.x).
For the version you're using look at ("Elasticsearch's home directory in the image is /usr/share/elasticsearch).

a month ago

Hi I would like to install X-Pack on es241_l240_k461. I'm not able to find /opt/elasticsearch folder where the elasticsearch-plugin executable should be? How can I install the plugin? Is there an alternative way? Maybe the docs is for ELK 5.x

a month ago

@roka2016 Browse to http://localhost:5601 (see the documentation here for more information:

@runningking Not sure I understand what you believe is missing, could you elaborate?

2 months ago

Hi, How do I connect to the Kibana dashboard to view the logs?