[root@localhost temp]# tar -zxvf logstash-5.3..tar.gz -C /usr/local/

[root@localhost temp]# vim logstatsh_test.conf

==============================================================================================================

input {

    stdin {

    }

}

output {

    stdout {

    codec => rubydebug {}

    }

}

==============================================================================================================

[root@localhost temp]# /usr/local/logstash-5.3./bin/logstash -f logstatsh_test.conf

Sending Logstash's logs to /usr/local/logstash-5.3.2/logs which is now configured via log4j2.properties

[--04T10::,][INFO ][logstash.pipeline        ] Starting pipeline {"id"=>"main", "pipeline.workers"=>, "pipeline.batch.size"=>, "pipeline.batch.delay"=>, "pipeline.max_inflight"=>}

[--04T10::,][INFO ][logstash.pipeline        ] Pipeline main started

The stdin plugin is now waiting for input:

[--04T10::,][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>}

I love you so much!

{

    "@timestamp" => --04T02::.058Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "I love you so much!"

}

Me too!

{

    "@timestamp" => --04T02::.527Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "Me too!"

}

==============================================================================================================

# 运行机器至少4G内存
[root@localhost temp]# tar -zxvf elasticsearch-5.3..tar.gz

[nescafe@localhost temp]$ mkdir elasticsearch

[nescafe@localhost temp]$ cd elasticsearch

[nescafe@localhost elasticsearch]$ mkdir data

[nescafe@localhost elasticsearch]$ mkdir logs

[root@localhost temp]# vim elasticsearch-5.3./config/elasticsearch.yml

path.data: /home/nescafe/temp/elasticsearch/data

path.logs: /home/nescafe/temp/elasticsearch/logs

network.host: 192.168.1.105

http.port:

discovery.zen.ping.unicast.hosts: ["127.0.0.1", "192.168.1.105"]

discovery.zen.minimum_master_nodes:


# 以下命令nescafe换成当前对应用户

[root@localhost temp]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@localhost temp]# cat /etc/security/limits.conf | grep -v "nescafe" > /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe hard nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe soft nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# mv /tmp/system_limits.conf /etc/security/limits.conf

mv:是否覆盖"/etc/security/limits.conf"? y

[nescafe@localhost temp]$ ulimit -Hn

[root@localhost temp]# cat /etc/sysctl.conf | grep -v "vm.max_map_count" > /tmp/system_sysctl.conf

[root@localhost temp]# echo "vm.max_map_count=262144" >> /tmp/system_sysctl.conf

[root@localhost temp]# mv /tmp/system_sysctl.conf /etc/sysctl.conf

mv:是否覆盖"/etc/sysctl.conf"? y

[root@localhost temp]# sysctl -p

vm.max_map_count = 

[root@localhost temp]# su nescafe

[nescafe@localhost temp]$ elasticsearch-5.3./bin/elasticsearch

==============================================================================================================

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initializing ...

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] using [] data paths, mounts [[/home (/dev/mapper/cl-home)]], net usable_space [.7gb], net total_space [.9gb], spins? [possibly], types [xfs]

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] heap size [.9gb], compressed ordinary object pointers [true]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] node name [AlphaGo], node ID [XifXogadR3-lA9yHSIumjw]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] version[5.3.], pid[], build[/--24T16::.481Z], OS[Linux/3.10.-514.16..el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) -Bit Server VM/1.8.0_121/25.121-b13]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [aggs-matrix-stats]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [ingest-common]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-expression]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-groovy]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-mustache]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-painless]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [percolator]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [reindex]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty3]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty4]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] no plugins loaded

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initialized

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] starting ...

[--04T11::,][INFO ][o.e.t.TransportService   ] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.b.BootstrapChecks    ] [AlphaGo] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks

[--04T11::,][WARN ][o.e.n.Node               ] [AlphaGo] timed out while waiting for initial discovery state - timeout: 30s

[--04T11::,][INFO ][o.e.h.n.Netty4HttpServerTransport] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] started

==============================================================================================================

# http://192.168.1.105:9200/

{

  "name" : "AlphaGo",

  "cluster_name" : "elasticsearch",

  "cluster_uuid" : "_na_",

  "version" : {

    "number" : "5.3.2",

    "build_hash" : "",

    "build_date" : "2017-04-24T16:15:59.481Z",

    "build_snapshot" : false,

    "lucene_version" : "6.4.2"

  },

  "tagline" : "You Know, for Search"

}

==============================================================================================================
[nescafe@localhost temp]$ git clone git://github.com/mobz/elasticsearch-head.git
正克隆到 'elasticsearch-head'...
remote: Counting objects: 4063, done.
remote: Total 4063 (delta 0), reused 0 (delta 0), pack-reused 4063
接收对象中: 100% (4063/4063), 2.10 MiB | 10.00 KiB/s, done.
处理 delta 中: 100% (2222/2222), done.

ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )的更多相关文章

  1. 使用ELK(Elasticsearch + Logstash + Kibana) 搭建日志集中分析平台实践--转载

    原文地址:https://wsgzao.github.io/post/elk/ 另外可以参考:https://www.digitalocean.com/community/tutorials/how- ...

  2. CentOS 6.x ELK(Elasticsearch+Logstash+Kibana)

    CentOS 6.x ELK(Elasticsearch+Logstash+Kibana) 前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案, ...

  3. 键盘侠Linux干货| ELK(Elasticsearch + Logstash + Kibana) 搭建教程

    前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案,分析网站的访问情况时我们一般会借助 Google / 百度 / CNZZ 等方式嵌入 JS ...

  4. ELk(Elasticsearch, Logstash, Kibana)的安装配置

    目录 ELk(Elasticsearch, Logstash, Kibana)的安装配置 1. Elasticsearch的安装-官网 2. Kibana的安装配置-官网 3. Logstash的安装 ...

  5. 基于CentOS6.5或Ubuntu14.04下Suricata里搭配安装 ELK (elasticsearch, logstash, kibana)(图文详解)

    前期博客 基于CentOS6.5下Suricata(一款高性能的网络IDS.IPS和网络安全监控引擎)的搭建(图文详解)(博主推荐) 基于Ubuntu14.04下Suricata(一款高性能的网络ID ...

  6. (转)开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    Github, Soundcloud, FogCreek, Stackoverflow, Foursquare,等公司通过elasticsearch提供搜索或大规模日志分析可视化等服务.博主近4个月搜 ...

  7. 开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    from:  http://www.w3c.com.cn/%E5%BC%80%E6%BA%90%E5%88%86%E5%B8%83%E5%BC%8F%E6%90%9C%E7%B4%A2%E5%B9%B ...

  8. 【转】ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析平台

    [转自]https://my.oschina.net/itblog/blog/547250 摘要: 前段时间研究的Log4j+Kafka中,有人建议把Kafka收集到的日志存放于ES(ElasticS ...

  9. ELK(ElasticSearch+Logstash+ Kibana)搭建实时日志分析平台

    一.简介 ELK 由三部分组成elasticsearch.logstash.kibana,elasticsearch是一个近似实时的搜索平台,它让你以前所未有的速度处理大数据成为可能. Elastic ...

随机推荐

  1. [转]升级Flash Builder 4.6中的Flash Player版本

    Adobe自发布Flash Builder 4.6后,就暂停了Flash Builder新版本的发布.但AIR和FlashPlayer版本仍然保持不断的更新.在下载新的AIRSDK并覆盖到Flash ...

  2. HDOJ(1069)最长下降子序列

    每个箱子可有3种叠加方式,所以有3*n个箱子.将箱子按长度由大到小排序,有求箱子按宽度的最长下降子序列的高度之和即可. #include<cstdio> #include<algor ...

  3. HDOJ1059(多重部分和问题)

    #include<cstdio> #include<cstring> using namespace std; +; ]; int dp[SIZE]; bool check() ...

  4. 批量创建10个系统帐号tianda01-tianda10并设置密码

    #.添加用户 useradd tianda01 #.非交互式给密码 echo "pass"|passwd --stdin tianda #.- 加0思路 ()..} () #随机密 ...

  5. C# 播放音乐

    用 .NET 自带的类库 System.Media 下面的 SoundPlayer 来播放音乐的方式,此种方式使用托管代码,应该是更为可取的方式吧 使用起来非常简单,下面稍作说明: . 支持同步.异步 ...

  6. Socket对象以及异常

    1  socket构造器: public Socket() 创建一个Socket套接字 public Socket(InetAddress address,int port) 创建一个指定IP和端口的 ...

  7. byte和int转换

    byte b1=1,b2=2,b3,b6; final byte b4=4,b5=6; b6=b4+b5; b3=(b1+b2); System.out.println(b3+b6); b3=b1+b ...

  8. ES Docs-3:Modifying Data

    Modifying Data Indexing/Replacing Documents curl -XPUT 'localhost:9200/customer/external/1?pretty' - ...

  9. Vue 学习文档

    Vue 学习文档 vue 起步 引包 启动 new Vue(options) options: el 目的地(可以用类名.标签名等,也可以直接用mod元素) #elementId .elementCl ...

  10. 网页游戏开发秘笈 PDF扫描版

    精选10种常见的游戏类型,透过典型实例,深入剖析游戏引擎及工具的选用技巧,详细讲解每款游戏的制作过程,为快速掌握网页游戏开发提供系统而实用的指南. 网页游戏开发秘笈 目录: 译者序  前 言  导 言 ...