diff --git a/efk/docker-compose.yml b/efk/docker-compose.yml
new file mode 100644
index 0000000..2dc4835
--- /dev/null
+++ b/efk/docker-compose.yml
@@ -0,0 +1,41 @@
+version: "3"
+services:
+ web:
+ image: httpd
+ ports:
+ - "80:80"
+ links:
+ - fluentd
+ logging:
+ driver: "fluentd"
+ options:
+ fluentd-address: localhost:24224
+ tag: httpd.access
+
+ fluentd:
+ build: ./fluentd
+ volumes:
+ - ./fluentd/conf:/fluentd/etc
+ links:
+ - "elasticsearch"
+ ports:
+ - "24224:24224"
+ - "24224:24224/udp"
+
+ elasticsearch:
+ image: docker.elastic.co/elasticsearch/elasticsearch:8.1.2
+ container_name: elasticsearch
+ environment:
+ - "discovery.type=single-node"
+ - xpack.security.enabled=false
+ expose:
+ - "9200"
+ ports:
+ - "9200:9200"
+
+ kibana:
+ image: docker.elastic.co/kibana/kibana:8.1.2
+ links:
+ - "elasticsearch"
+ ports:
+ - "5601:5601"
diff --git a/efk/fluentd/Dockerfile b/efk/fluentd/Dockerfile
new file mode 100644
index 0000000..bd32e7c
--- /dev/null
+++ b/efk/fluentd/Dockerfile
@@ -0,0 +1,6 @@
+# fluentd/Dockerfile
+
+FROM fluent/fluentd:v1.12.0-debian-1.0
+USER root
+RUN ["gem", "install", "fluent-plugin-elasticsearch", "--no-document", "--version", "5.2.4"]
+USER fluent
diff --git a/efk/fluentd/conf/fluent.conf b/efk/fluentd/conf/fluent.conf
new file mode 100644
index 0000000..bab3894
--- /dev/null
+++ b/efk/fluentd/conf/fluent.conf
@@ -0,0 +1,28 @@
+# fluentd/conf/fluent.conf
+
+
+ @type forward
+ port 24224
+ bind 0.0.0.0
+
+
+
+ @type copy
+
+
+ @type elasticsearch
+ host elasticsearch
+ port 9200
+ logstash_format true
+ logstash_prefix fluentd
+ logstash_dateformat %Y%m%d
+ include_tag_key true
+ type_name access_log
+ tag_key @log_name
+ flush_interval 1s
+
+
+
+ @type stdout
+
+
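Review bot: In efk/docker-compose.yml the elasticsearch service sets `xpack.security.enabled=false` and also publishes `9200:9200`, so an unauthenticated Elasticsearch API is bound on every host interface. Kibana (`5601:5601`) and the fluentd forward input (`24224:24224`, TCP and UDP, which efk/fluentd/conf/fluent.conf binds to 0.0.0.0 inside the container) are published the same way. Because the logging driver only connects to `localhost:24224`, loopback bindings should keep the stack working: `- "127.0.0.1:9200:9200"`, `- "127.0.0.1:5601:5601"`, `- "127.0.0.1:24224:24224"`. If Elasticsearch is reached only by fluentd and kibana over the compose network, the 9200 mapping can be dropped altogether, since the `expose` entry already documents the port.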
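Review bot: In efk/fluentd/Dockerfile only the top-level gem is pinned: `--version 5.2.4` fixes fluent-plugin-elasticsearch, but its dependencies are resolved at build time and the base image is referenced by a mutable tag, so two builds of this file can produce different images. Pinning the base by digest, `FROM fluent/fluentd:v1.12.0-debian-1.0@sha256:<digest-placeholder>`, and installing the plugin from a committed lockfile would make the build repeatable. The same concern applies to the untagged `image: httpd` in efk/docker-compose.yml. It is also worth confirming that plugin 5.2.4 on fluentd v1.12.0 is supported against the Elasticsearch 8.1.2 image the compose file pulls, since nothing in the diff shows the combination was tested.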
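Review bot: In efk/fluentd/conf/fluent.conf the `copy` output has a second store of `@type stdout`, so every httpd access record (client address and full request line, which can carry tokens in query strings) is also written to the fluentd container's own log. That is a second copy outside Elasticsearch, with its own retention and access. If the store is there for debugging, a comment such as `# stdout store: debugging aid, remove outside local testing` above it would make the intent clear. The directive tags of this file did not survive in this view, so the store boundaries are inferred from the `@type` lines.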