[root@localhost temp]# tar -zxvf logstash-5.3..tar.gz -C /usr/local/

[root@localhost temp]# vim logstatsh_test.conf

==============================================================================================================

input {

    stdin {

    }

}

output {

    stdout {

    codec => rubydebug {}

    }

}

==============================================================================================================

[root@localhost temp]# /usr/local/logstash-5.3./bin/logstash -f logstatsh_test.conf

Sending Logstash's logs to /usr/local/logstash-5.3.2/logs which is now configured via log4j2.properties

[--04T10::,][INFO ][logstash.pipeline        ] Starting pipeline {"id"=>"main", "pipeline.workers"=>, "pipeline.batch.size"=>, "pipeline.batch.delay"=>, "pipeline.max_inflight"=>}

[--04T10::,][INFO ][logstash.pipeline        ] Pipeline main started

The stdin plugin is now waiting for input:

[--04T10::,][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>}

I love you so much!

{

    "@timestamp" => --04T02::.058Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "I love you so much!"

}

Me too!

{

    "@timestamp" => --04T02::.527Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "Me too!"

}

==============================================================================================================

# 运行机器至少4G内存
[root@localhost temp]# tar -zxvf elasticsearch-5.3..tar.gz

[nescafe@localhost temp]$ mkdir elasticsearch

[nescafe@localhost temp]$ cd elasticsearch

[nescafe@localhost elasticsearch]$ mkdir data

[nescafe@localhost elasticsearch]$ mkdir logs

[root@localhost temp]# vim elasticsearch-5.3./config/elasticsearch.yml

path.data: /home/nescafe/temp/elasticsearch/data

path.logs: /home/nescafe/temp/elasticsearch/logs

network.host: 192.168.1.105

http.port:

discovery.zen.ping.unicast.hosts: ["127.0.0.1", "192.168.1.105"]

discovery.zen.minimum_master_nodes:


# 以下命令nescafe换成当前对应用户

[root@localhost temp]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@localhost temp]# cat /etc/security/limits.conf | grep -v "nescafe" > /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe hard nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe soft nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# mv /tmp/system_limits.conf /etc/security/limits.conf

mv:是否覆盖"/etc/security/limits.conf"? y

[nescafe@localhost temp]$ ulimit -Hn

[root@localhost temp]# cat /etc/sysctl.conf | grep -v "vm.max_map_count" > /tmp/system_sysctl.conf

[root@localhost temp]# echo "vm.max_map_count=262144" >> /tmp/system_sysctl.conf

[root@localhost temp]# mv /tmp/system_sysctl.conf /etc/sysctl.conf

mv:是否覆盖"/etc/sysctl.conf"? y

[root@localhost temp]# sysctl -p

vm.max_map_count = 

[root@localhost temp]# su nescafe

[nescafe@localhost temp]$ elasticsearch-5.3./bin/elasticsearch

==============================================================================================================

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initializing ...

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] using [] data paths, mounts [[/home (/dev/mapper/cl-home)]], net usable_space [.7gb], net total_space [.9gb], spins? [possibly], types [xfs]

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] heap size [.9gb], compressed ordinary object pointers [true]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] node name [AlphaGo], node ID [XifXogadR3-lA9yHSIumjw]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] version[5.3.], pid[], build[/--24T16::.481Z], OS[Linux/3.10.-514.16..el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) -Bit Server VM/1.8.0_121/25.121-b13]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [aggs-matrix-stats]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [ingest-common]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-expression]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-groovy]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-mustache]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-painless]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [percolator]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [reindex]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty3]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty4]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] no plugins loaded

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initialized

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] starting ...

[--04T11::,][INFO ][o.e.t.TransportService   ] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.b.BootstrapChecks    ] [AlphaGo] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks

[--04T11::,][WARN ][o.e.n.Node               ] [AlphaGo] timed out while waiting for initial discovery state - timeout: 30s

[--04T11::,][INFO ][o.e.h.n.Netty4HttpServerTransport] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] started

==============================================================================================================

# http://192.168.1.105:9200/

{

  "name" : "AlphaGo",

  "cluster_name" : "elasticsearch",

  "cluster_uuid" : "_na_",

  "version" : {

    "number" : "5.3.2",

    "build_hash" : "",

    "build_date" : "2017-04-24T16:15:59.481Z",

    "build_snapshot" : false,

    "lucene_version" : "6.4.2"

  },

  "tagline" : "You Know, for Search"

}

==============================================================================================================
[nescafe@localhost temp]$ git clone git://github.com/mobz/elasticsearch-head.git
正克隆到 'elasticsearch-head'...
remote: Counting objects: 4063, done.
remote: Total 4063 (delta 0), reused 0 (delta 0), pack-reused 4063
接收对象中: 100% (4063/4063), 2.10 MiB | 10.00 KiB/s, done.
处理 delta 中: 100% (2222/2222), done.

ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )的更多相关文章

  1. 使用ELK(Elasticsearch + Logstash + Kibana) 搭建日志集中分析平台实践--转载

    原文地址:https://wsgzao.github.io/post/elk/ 另外可以参考:https://www.digitalocean.com/community/tutorials/how- ...

  2. CentOS 6.x ELK(Elasticsearch+Logstash+Kibana)

    CentOS 6.x ELK(Elasticsearch+Logstash+Kibana) 前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案, ...

  3. 键盘侠Linux干货| ELK(Elasticsearch + Logstash + Kibana) 搭建教程

    前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案,分析网站的访问情况时我们一般会借助 Google / 百度 / CNZZ 等方式嵌入 JS ...

  4. ELk(Elasticsearch, Logstash, Kibana)的安装配置

    目录 ELk(Elasticsearch, Logstash, Kibana)的安装配置 1. Elasticsearch的安装-官网 2. Kibana的安装配置-官网 3. Logstash的安装 ...

  5. 基于CentOS6.5或Ubuntu14.04下Suricata里搭配安装 ELK (elasticsearch, logstash, kibana)(图文详解)

    前期博客 基于CentOS6.5下Suricata(一款高性能的网络IDS.IPS和网络安全监控引擎)的搭建(图文详解)(博主推荐) 基于Ubuntu14.04下Suricata(一款高性能的网络ID ...

  6. (转)开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    Github, Soundcloud, FogCreek, Stackoverflow, Foursquare,等公司通过elasticsearch提供搜索或大规模日志分析可视化等服务.博主近4个月搜 ...

  7. 开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    from:  http://www.w3c.com.cn/%E5%BC%80%E6%BA%90%E5%88%86%E5%B8%83%E5%BC%8F%E6%90%9C%E7%B4%A2%E5%B9%B ...

  8. 【转】ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析平台

    [转自]https://my.oschina.net/itblog/blog/547250 摘要: 前段时间研究的Log4j+Kafka中,有人建议把Kafka收集到的日志存放于ES(ElasticS ...

  9. ELK(ElasticSearch+Logstash+ Kibana)搭建实时日志分析平台

    一.简介 ELK 由三部分组成elasticsearch.logstash.kibana,elasticsearch是一个近似实时的搜索平台,它让你以前所未有的速度处理大数据成为可能. Elastic ...

随机推荐

  1. Log4Net日志记录介绍

    原文地址 : http://www.cnblogs.com/wolf-sun/p/3347373.html#3009010 简介 log4net库是Apache log4j框架在Microsoft . ...

  2. Linux CentOS安装Azure Cli工具

    vim /etc/yum.repos.d/epel.repo [epel] name=epel baseurl=http://mirrors.sohu.com/fedora-epel/6/$basea ...

  3. 启动新内核出现:No filesystem could mount root, tried: ext3 ext2 cramfs vfa

    转载请注明出处:http://blog.csdn.net/qq_26093511/article/details/51841791 下载新编译的内核出现:No filesystem could mou ...

  4. u-boot向linux内核传递启动参数

    U-BOOT 在启动内核时,会向内核传递一些参数.BootLoader 可以通过两种方法传递参数给内核,一种是旧的参数结构方式(parameter_struct),主要是 2.6 之前的内核使用的方式 ...

  5. altium designer 中的top/bottom solder和top/bottom paste mask

    转载请注明出处:http://blog.csdn.net/qq_26093511/article/details/51751936 1.top solder为助焊层,说白一点就是说,有这个层的地方就没 ...

  6. jquery获取设置服务器控件的方法

    jquery获取设置服务器控件的方法 获取TextBox,HiddenField,Label的值.例如: <asp:TextBox ID="txtBoxID" runat=& ...

  7. LAMP 1.6 Discuz打开错误

    打开discuz失败, ps aux |grep mysql ps aux |grep httpd 查看mysql apache有没有打开. 重启mysql service mysqld restar ...

  8. Java Script 学习笔记 -- 基础知识

    Java script 概述 java Script 的简介 JavaScript一种直译式脚本语言,是一种动态类型.弱类型.基于原型的语言,内置支持类型.它的解释器被称为JavaScript引擎,为 ...

  9. 关于nginx的使用感想

    感慨: 最近老板说要转型NodeJs,所以接连用ThinkJS框架写了2个项目(不过通篇弱类型不用考虑class是真的爽啊...).那天老板又正好让我看看Ngxin的负载均衡和静态资源处理,那现在就写 ...

  10. Elasticsearch+Logstash+Kibana搭建分布式日志平台

    一.前言 编译安装 1.ELK简介 下载相关安装包地址:https://www.elastic.co/cn/downloads ELK是Elasticsearch+Logstash+Kibana的简称 ...