initial checkin
diff --git a/containers/elk/logstash/conf/logstash.conf b/containers/elk/logstash/conf/logstash.conf
new file mode 100644
index 0000000..8d3f57c
--- /dev/null
+++ b/containers/elk/logstash/conf/logstash.conf
@@ -0,0 +1,28 @@
+input {
+ syslog {
+ type => syslog
+ port => 514
+ }
+ lumberjack {
+ port => 5043
+ type => "logs"
+ ssl_certificate => "/opt/logstash/certs/logstash-forwarder.crt"
+ ssl_key => "/opt/logstash/certs/logstash-forwarder.key"
+ }
+ udp {
+ port => 25826
+ buffer_size => 1452
+ codec => collectd { }
+ }
+}
+output {
+
+stdout {
+ codec => json
+}
+
+elasticsearch {
+ host => "elasticsearch"
+ port => "9300"
+ }
+}