Docker images for Logstash are available from the Elastic Docker registry. The base image is ubuntu:20.04.
These images are free to use under the Elastic license. They contain open source and free commercial features and access to paid commercial features. Start a 30-day trial to try out all of the paid commercial features. See the Subscriptions page for information about Elastic license levels.
Obtaining Logstash for Docker is as simple as issuing a
pull command against the Elastic Docker registry.
docker pull docker.elastic.co/logstash/logstash:8.11.2
Alternatively, you can download other Docker images that contain only features available under the Apache 2.0 license. To download the images, go to www.docker.elastic.co.
Although it’s optional, we highly recommend verifying the signatures included with your downloaded Docker images to ensure that the images are valid.
Elastic images are signed with Cosign which is part of the Sigstore project. Cosign supports container signing, verification, and storage in an OCI registry. Install the appropriate Cosign application for your operating system.
Run the following commands to verify the container image signature for Logstash v8.11.2:
Download the Elastic public key to verify container signature
Verify the container against the Elastic public key
The command prints the check results and the signature payload in JSON format, for example:
Verification for docker.elastic.co/logstash/logstash:8.11.2 -- The following checks were performed on each of these signatures: - The cosign claims were validated - Existence of the claims in the transparency log was verified offline - The signatures were verified against the specified public key