initial checkin
diff --git a/containers/elk/logstash-forwarder/conf/config.json b/containers/elk/logstash-forwarder/conf/config.json
new file mode 100644
index 0000000..71a9975
--- /dev/null
+++ b/containers/elk/logstash-forwarder/conf/config.json
@@ -0,0 +1,15 @@
+{
+ "network": {
+ "servers": [ "logstash:5043" ],
+ "ssl certificate": "/opt/certs/logstash-forwarder.crt",
+ "ssl key": "/opt/certs/logstash-forwarder.key",
+ "ssl ca": "/opt/certs/logstash-forwarder.crt",
+ "timeout": 15
+ },
+ "files": [
+ {
+ "paths": [ "/var/log/message", "/var/log/syslog" ],
+ "fields": { "type": "stdin" }
+ }
+ ]
+}
diff --git a/containers/elk/logstash-forwarder/conf/supervisord.conf b/containers/elk/logstash-forwarder/conf/supervisord.conf
new file mode 100644
index 0000000..c91b37c
--- /dev/null
+++ b/containers/elk/logstash-forwarder/conf/supervisord.conf
@@ -0,0 +1,9 @@
+[supervisord]
+nodaemon=true
+
+[program:logstash-forwarder]
+command=/opt/logstash-forwarder/logstash-forwarder -config /opt/logstash-forwarder/config.json
+autorestart=true
+stderr_logfile=/var/log/logstash.err.log
+stdout_logfile=/var/log/logstash.out.log
+