elk 日志搭建

Posted on Posted in linux

1、 环境

Distributor ID: Ubuntu
Description:    Ubuntu 16.04 LTS
Release:    16.04
Codename:   xenial

2、 版本

elasticsearch-6.2.3.tar.gz
kibana-6.2.3-linux-x86_64.tar.gz
logstash-6.2.3.tar.gz

3、安装jdk

root@ubuntu:/usr/src# tar zxvf jdk-10_linux-x64_bin.tar.gz
root@ubuntu:/usr/src# mv jdk-10 /usr/lib/jdk
root@ubuntu:/usr/src# cd /usr/lib/jdk
root@ubuntu:/usr/lib/jdk# cat /etc/profile
export JAVA_HOME=/usr/lib/jdk
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH

4、 安装elasticsearch

root@ubuntu:/usr/src# tar zxvf elasticsearch-6.2.3.tar.gz
root@ubuntu:/usr/src# mv elasticsearch-6.2.3 /usr/local/elasticsearch
root@ubuntu:/usr/src# groupadd elsearch
root@ubuntu:/usr/src# useradd elsearch -g elsearch -p elasticsearch
root@ubuntu:/usr/src# chown -R elsearch:elsearch /usr/local/elasticsearch
root@ubuntu:/usr/src# cd /usr/local/elasticsearch/
root@ubuntu:/usr/src# runuser -l elsearch -c 'bin/elasticsearch'

5、 安装logstash

root@ubuntu:/usr/src# tar zxvf logstash-6.2.3.tar.gz
root@ubuntu:/usr/src# mv logstash-6.2.3 /usr/local/logstash
root@ubuntu:/usr/src# cd /usr/local/logstash/
root@ubuntu:/usr/local/logstash/config# vim logstash.conf # 新建配置文件
input {
     file {
        type => "log"
        path => "/var/log/*.log"
        start_position => "beginning"
    }
}

output {
  stdout { codec => rubydebug }

  elasticsearch {
    hosts => "127.0.0.1"
    index => "log-%{+YYYY.MM.dd}"
  }
}
root@ubuntu:/usr/local/logstash# bin/logstash -f config/logstash.conf

5、 安装kibana

root@ubuntu:/usr/src# tar zxvf kibana-6.2.3-linux-x86_64.tar.gz
root@ubuntu:/usr/src# mv kibana-6.2.3-linux-x86_64 /usr/local/kibana
root@ubuntu:/usr/local/kibana# vim config/kibana.yml
server.host: "0.0.0.0"
elasticsearch.url: "http://localhost:9200"
root@ubuntu:/usr/local/kibana# bin/kibana # 端口5601
» 转载请注明来源:若我若鱼 » elk 日志搭建

Leave a Reply

Your email address will not be published. Required fields are marked *

eight + seventeen =