[root@localhost temp]# tar -zxvf logstash-5.3..tar.gz -C /usr/local/

[root@localhost temp]# vim logstatsh_test.conf

==============================================================================================================

input {

    stdin {

    }

}

output {

    stdout {

    codec => rubydebug {}

    }

}

==============================================================================================================

[root@localhost temp]# /usr/local/logstash-5.3./bin/logstash -f logstatsh_test.conf

Sending Logstash's logs to /usr/local/logstash-5.3.2/logs which is now configured via log4j2.properties

[--04T10::,][INFO ][logstash.pipeline        ] Starting pipeline {"id"=>"main", "pipeline.workers"=>, "pipeline.batch.size"=>, "pipeline.batch.delay"=>, "pipeline.max_inflight"=>}

[--04T10::,][INFO ][logstash.pipeline        ] Pipeline main started

The stdin plugin is now waiting for input:

[--04T10::,][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>}

I love you so much!

{

    "@timestamp" => --04T02::.058Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "I love you so much!"

}

Me too!

{

    "@timestamp" => --04T02::.527Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "Me too!"

}

==============================================================================================================

# 运行机器至少4G内存
[root@localhost temp]# tar -zxvf elasticsearch-5.3..tar.gz

[nescafe@localhost temp]$ mkdir elasticsearch

[nescafe@localhost temp]$ cd elasticsearch

[nescafe@localhost elasticsearch]$ mkdir data

[nescafe@localhost elasticsearch]$ mkdir logs

[root@localhost temp]# vim elasticsearch-5.3./config/elasticsearch.yml

path.data: /home/nescafe/temp/elasticsearch/data

path.logs: /home/nescafe/temp/elasticsearch/logs

network.host: 192.168.1.105

http.port:

discovery.zen.ping.unicast.hosts: ["127.0.0.1", "192.168.1.105"]

discovery.zen.minimum_master_nodes:


# 以下命令nescafe换成当前对应用户

[root@localhost temp]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@localhost temp]# cat /etc/security/limits.conf | grep -v "nescafe" > /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe hard nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe soft nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# mv /tmp/system_limits.conf /etc/security/limits.conf

mv:是否覆盖"/etc/security/limits.conf"? y

[nescafe@localhost temp]$ ulimit -Hn

[root@localhost temp]# cat /etc/sysctl.conf | grep -v "vm.max_map_count" > /tmp/system_sysctl.conf

[root@localhost temp]# echo "vm.max_map_count=262144" >> /tmp/system_sysctl.conf

[root@localhost temp]# mv /tmp/system_sysctl.conf /etc/sysctl.conf

mv:是否覆盖"/etc/sysctl.conf"? y

[root@localhost temp]# sysctl -p

vm.max_map_count = 

[root@localhost temp]# su nescafe

[nescafe@localhost temp]$ elasticsearch-5.3./bin/elasticsearch

==============================================================================================================

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initializing ...

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] using [] data paths, mounts [[/home (/dev/mapper/cl-home)]], net usable_space [.7gb], net total_space [.9gb], spins? [possibly], types [xfs]

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] heap size [.9gb], compressed ordinary object pointers [true]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] node name [AlphaGo], node ID [XifXogadR3-lA9yHSIumjw]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] version[5.3.], pid[], build[/--24T16::.481Z], OS[Linux/3.10.-514.16..el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) -Bit Server VM/1.8.0_121/25.121-b13]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [aggs-matrix-stats]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [ingest-common]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-expression]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-groovy]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-mustache]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-painless]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [percolator]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [reindex]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty3]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty4]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] no plugins loaded

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initialized

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] starting ...

[--04T11::,][INFO ][o.e.t.TransportService   ] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.b.BootstrapChecks    ] [AlphaGo] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks

[--04T11::,][WARN ][o.e.n.Node               ] [AlphaGo] timed out while waiting for initial discovery state - timeout: 30s

[--04T11::,][INFO ][o.e.h.n.Netty4HttpServerTransport] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] started

==============================================================================================================

# http://192.168.1.105:9200/

{

  "name" : "AlphaGo",

  "cluster_name" : "elasticsearch",

  "cluster_uuid" : "_na_",

  "version" : {

    "number" : "5.3.2",

    "build_hash" : "",

    "build_date" : "2017-04-24T16:15:59.481Z",

    "build_snapshot" : false,

    "lucene_version" : "6.4.2"

  },

  "tagline" : "You Know, for Search"

}

==============================================================================================================
[nescafe@localhost temp]$ git clone git://github.com/mobz/elasticsearch-head.git
正克隆到 'elasticsearch-head'...
remote: Counting objects: 4063, done.
remote: Total 4063 (delta 0), reused 0 (delta 0), pack-reused 4063
接收对象中: 100% (4063/4063), 2.10 MiB | 10.00 KiB/s, done.
处理 delta 中: 100% (2222/2222), done.

ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )的更多相关文章

  1. 使用ELK(Elasticsearch + Logstash + Kibana) 搭建日志集中分析平台实践--转载

    原文地址:https://wsgzao.github.io/post/elk/ 另外可以参考:https://www.digitalocean.com/community/tutorials/how- ...

  2. CentOS 6.x ELK(Elasticsearch+Logstash+Kibana)

    CentOS 6.x ELK(Elasticsearch+Logstash+Kibana) 前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案, ...

  3. 键盘侠Linux干货| ELK(Elasticsearch + Logstash + Kibana) 搭建教程

    前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案,分析网站的访问情况时我们一般会借助 Google / 百度 / CNZZ 等方式嵌入 JS ...

  4. ELk(Elasticsearch, Logstash, Kibana)的安装配置

    目录 ELk(Elasticsearch, Logstash, Kibana)的安装配置 1. Elasticsearch的安装-官网 2. Kibana的安装配置-官网 3. Logstash的安装 ...

  5. 基于CentOS6.5或Ubuntu14.04下Suricata里搭配安装 ELK (elasticsearch, logstash, kibana)(图文详解)

    前期博客 基于CentOS6.5下Suricata(一款高性能的网络IDS.IPS和网络安全监控引擎)的搭建(图文详解)(博主推荐) 基于Ubuntu14.04下Suricata(一款高性能的网络ID ...

  6. (转)开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    Github, Soundcloud, FogCreek, Stackoverflow, Foursquare,等公司通过elasticsearch提供搜索或大规模日志分析可视化等服务.博主近4个月搜 ...

  7. 开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    from:  http://www.w3c.com.cn/%E5%BC%80%E6%BA%90%E5%88%86%E5%B8%83%E5%BC%8F%E6%90%9C%E7%B4%A2%E5%B9%B ...

  8. 【转】ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析平台

    [转自]https://my.oschina.net/itblog/blog/547250 摘要: 前段时间研究的Log4j+Kafka中,有人建议把Kafka收集到的日志存放于ES(ElasticS ...

  9. ELK(ElasticSearch+Logstash+ Kibana)搭建实时日志分析平台

    一.简介 ELK 由三部分组成elasticsearch.logstash.kibana,elasticsearch是一个近似实时的搜索平台,它让你以前所未有的速度处理大数据成为可能. Elastic ...

随机推荐

  1. Linux 系统通过 Squid 配置实现代理上网

    本文转载自:https://help.aliyun.com/knowledge_detail/41342.html Squid 介绍 Squid 是一个缓存 Internet 数据的软件,其接收用户的 ...

  2. HDOJ1166(线段树点修改)

    敌兵布阵 Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 65536/32768 K (Java/Others)Total Submis ...

  3. HDOJ1151有向图最小路径覆盖

    //有向图最小路径覆盖:从某一点出发沿着有向路径,不走回路,能将所有的结点遍历. #include<iostream> #include<cstdio> #include< ...

  4. VisualGDB系列9:配置VS直接通过SSH方式访问Linux项目

    根据VisualGDB官网(https://visualgdb.com)的帮助文档大致翻译而成.主要是作为个人学习记录.有错误的地方,Robin欢迎大家指正. 本文介绍如何使用VS和VisualGDB ...

  5. 删除 char[10][10] 中的一行

    1. 描述 删除二维字符数组其中一行,并用下一行进行填补 2. 代码 #include <iostream> #include <string.h> using namespa ...

  6. oracle sql 语句 示例

    --oracle 用户对象的导入导出 exp devimage/oracle@172.xx.x.xx/TESTDB owner='devimage' file=d:/devimage.dmp log= ...

  7. 进程vs线程

    内存中的内容不同 进程->{ 进程是系统分配资源的最基本单位,线程是进程的一部分, 进程中存储文件和网络句柄 } 线程->{ 栈(每个线程都有一个栈空间) pc(当前或下一条指令的地址,指 ...

  8. Jmeter测试接口简单使用教程

    1.         打开 解决  apache-jmeter-2.13  然后进解压后的然后点击bin 文件里面的jmeter.bat  打开jmeter 2.         添加测试组件 1:添 ...

  9. tcpdump网络数据抓包

    tcpdump,就是:dump the traffic on a network,根据使用者的定义对网络上的数据包进行截获的包分析工具. tcpdump可以将网络中传送的数据包的“头”完全截获下来提供 ...

  10. 应用程序无法正常启动提示错误0xc000007b 问题的原因和解决方法

    应用程序无法正常启动提示错误0xc000007b 问题的原因和解决方法 前提条件: 你使用的是VS201x软件编写程序,你使用的电脑是X64位的,并且你在使用OpenCV库.你编写的程序可以正常编译, ...