[root@localhost temp]# tar -zxvf logstash-5.3..tar.gz -C /usr/local/

[root@localhost temp]# vim logstatsh_test.conf

==============================================================================================================

input {

    stdin {

    }

}

output {

    stdout {

    codec => rubydebug {}

    }

}

==============================================================================================================

[root@localhost temp]# /usr/local/logstash-5.3./bin/logstash -f logstatsh_test.conf

Sending Logstash's logs to /usr/local/logstash-5.3.2/logs which is now configured via log4j2.properties

[--04T10::,][INFO ][logstash.pipeline        ] Starting pipeline {"id"=>"main", "pipeline.workers"=>, "pipeline.batch.size"=>, "pipeline.batch.delay"=>, "pipeline.max_inflight"=>}

[--04T10::,][INFO ][logstash.pipeline        ] Pipeline main started

The stdin plugin is now waiting for input:

[--04T10::,][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>}

I love you so much!

{

    "@timestamp" => --04T02::.058Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "I love you so much!"

}

Me too!

{

    "@timestamp" => --04T02::.527Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "Me too!"

}

==============================================================================================================

# 运行机器至少4G内存
[root@localhost temp]# tar -zxvf elasticsearch-5.3..tar.gz

[nescafe@localhost temp]$ mkdir elasticsearch

[nescafe@localhost temp]$ cd elasticsearch

[nescafe@localhost elasticsearch]$ mkdir data

[nescafe@localhost elasticsearch]$ mkdir logs

[root@localhost temp]# vim elasticsearch-5.3./config/elasticsearch.yml

path.data: /home/nescafe/temp/elasticsearch/data

path.logs: /home/nescafe/temp/elasticsearch/logs

network.host: 192.168.1.105

http.port:

discovery.zen.ping.unicast.hosts: ["127.0.0.1", "192.168.1.105"]

discovery.zen.minimum_master_nodes:


# 以下命令nescafe换成当前对应用户

[root@localhost temp]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@localhost temp]# cat /etc/security/limits.conf | grep -v "nescafe" > /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe hard nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe soft nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# mv /tmp/system_limits.conf /etc/security/limits.conf

mv:是否覆盖"/etc/security/limits.conf"? y

[nescafe@localhost temp]$ ulimit -Hn

[root@localhost temp]# cat /etc/sysctl.conf | grep -v "vm.max_map_count" > /tmp/system_sysctl.conf

[root@localhost temp]# echo "vm.max_map_count=262144" >> /tmp/system_sysctl.conf

[root@localhost temp]# mv /tmp/system_sysctl.conf /etc/sysctl.conf

mv:是否覆盖"/etc/sysctl.conf"? y

[root@localhost temp]# sysctl -p

vm.max_map_count = 

[root@localhost temp]# su nescafe

[nescafe@localhost temp]$ elasticsearch-5.3./bin/elasticsearch

==============================================================================================================

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initializing ...

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] using [] data paths, mounts [[/home (/dev/mapper/cl-home)]], net usable_space [.7gb], net total_space [.9gb], spins? [possibly], types [xfs]

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] heap size [.9gb], compressed ordinary object pointers [true]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] node name [AlphaGo], node ID [XifXogadR3-lA9yHSIumjw]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] version[5.3.], pid[], build[/--24T16::.481Z], OS[Linux/3.10.-514.16..el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) -Bit Server VM/1.8.0_121/25.121-b13]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [aggs-matrix-stats]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [ingest-common]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-expression]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-groovy]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-mustache]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-painless]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [percolator]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [reindex]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty3]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty4]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] no plugins loaded

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initialized

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] starting ...

[--04T11::,][INFO ][o.e.t.TransportService   ] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.b.BootstrapChecks    ] [AlphaGo] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks

[--04T11::,][WARN ][o.e.n.Node               ] [AlphaGo] timed out while waiting for initial discovery state - timeout: 30s

[--04T11::,][INFO ][o.e.h.n.Netty4HttpServerTransport] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] started

==============================================================================================================

# http://192.168.1.105:9200/

{

  "name" : "AlphaGo",

  "cluster_name" : "elasticsearch",

  "cluster_uuid" : "_na_",

  "version" : {

    "number" : "5.3.2",

    "build_hash" : "",

    "build_date" : "2017-04-24T16:15:59.481Z",

    "build_snapshot" : false,

    "lucene_version" : "6.4.2"

  },

  "tagline" : "You Know, for Search"

}

==============================================================================================================
[nescafe@localhost temp]$ git clone git://github.com/mobz/elasticsearch-head.git
正克隆到 'elasticsearch-head'...
remote: Counting objects: 4063, done.
remote: Total 4063 (delta 0), reused 0 (delta 0), pack-reused 4063
接收对象中: 100% (4063/4063), 2.10 MiB | 10.00 KiB/s, done.
处理 delta 中: 100% (2222/2222), done.

ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )的更多相关文章

  1. 使用ELK(Elasticsearch + Logstash + Kibana) 搭建日志集中分析平台实践--转载

    原文地址:https://wsgzao.github.io/post/elk/ 另外可以参考:https://www.digitalocean.com/community/tutorials/how- ...

  2. CentOS 6.x ELK(Elasticsearch+Logstash+Kibana)

    CentOS 6.x ELK(Elasticsearch+Logstash+Kibana) 前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案, ...

  3. 键盘侠Linux干货| ELK(Elasticsearch + Logstash + Kibana) 搭建教程

    前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案,分析网站的访问情况时我们一般会借助 Google / 百度 / CNZZ 等方式嵌入 JS ...

  4. ELk(Elasticsearch, Logstash, Kibana)的安装配置

    目录 ELk(Elasticsearch, Logstash, Kibana)的安装配置 1. Elasticsearch的安装-官网 2. Kibana的安装配置-官网 3. Logstash的安装 ...

  5. 基于CentOS6.5或Ubuntu14.04下Suricata里搭配安装 ELK (elasticsearch, logstash, kibana)(图文详解)

    前期博客 基于CentOS6.5下Suricata(一款高性能的网络IDS.IPS和网络安全监控引擎)的搭建(图文详解)(博主推荐) 基于Ubuntu14.04下Suricata(一款高性能的网络ID ...

  6. (转)开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    Github, Soundcloud, FogCreek, Stackoverflow, Foursquare,等公司通过elasticsearch提供搜索或大规模日志分析可视化等服务.博主近4个月搜 ...

  7. 开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    from:  http://www.w3c.com.cn/%E5%BC%80%E6%BA%90%E5%88%86%E5%B8%83%E5%BC%8F%E6%90%9C%E7%B4%A2%E5%B9%B ...

  8. 【转】ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析平台

    [转自]https://my.oschina.net/itblog/blog/547250 摘要: 前段时间研究的Log4j+Kafka中,有人建议把Kafka收集到的日志存放于ES(ElasticS ...

  9. ELK(ElasticSearch+Logstash+ Kibana)搭建实时日志分析平台

    一.简介 ELK 由三部分组成elasticsearch.logstash.kibana,elasticsearch是一个近似实时的搜索平台,它让你以前所未有的速度处理大数据成为可能. Elastic ...

随机推荐

  1. 【转】 Pro Android学习笔记(七一):HTTP服务(5):多线程调用HttpClient

    目录(?)[-] 应用共享HttpClient对象的同步问题 创建共享HttpClient代码 创建共享对象 创建可共享的HttpClient对象 使用共享HttpClient对象的代码 基础代码 修 ...

  2. Python错误处理和调试

    错误处理(try...except...finally...) try: print('try...') r = 10 / 0 print('result:', r) except ZeroDivis ...

  3. Skyline实现橡皮筋效果绘制矩形框

    这种类似于框选的效果用的比较普遍,一般三维平台和GIS平台都提供了支持接口,可是Skyline就是这么傲娇! 思路是这样的:绘制出的矩形框应该是一直与屏幕边框平行的,也就是矩形框的实际旋转角度是等于摄 ...

  4. IIS备份和还原

    当我们电脑系统有大量的站点和虚拟目录的时候,电脑因为种种原因需要重做系统,那么重装系统后这些站点我们是否只能一个一个的添加,如果有成百上千个站点呢,任务量可想而知,本文将介绍如何备份和还原window ...

  5. idea2016 64位 安装,jdk环境变量配置

      idea 激活服务器地址: 地址1: http://www.iteblog.com/idea/key.php     地址2:  http://idea.qinxi1992.cn/ intelli ...

  6. 通过HBase Shell与HBase交互

    出处:http://www.taobaotest.com/blogs/1604 业务开发测试HBase之旅二:通过HBase Shell与HBase交互 yedu 发表于:2011-10-11 浏览: ...

  7. 33、VCF格式

    转载:http://blog.sina.com.cn/s/blog_7110867f0101njf5.html http://www.cnblogs.com/liuhui0622/p/6246111. ...

  8. Entity Framework Code-First(1):Introduction

    Entity Framework Code-First: Learn Entity Framework Code-First in simple step-by-step tutorials. The ...

  9. String与字符数组

    public class Example { static String str = new String("good"); static char[] ch = {'a','b' ...

  10. Ubuntu12.04 上使用perl snmpwalk问题

    今天在Ubuntu12.04上使用perl来获取snmp数据,运行时出现下列问题.解决方法安装一下libnet-snmp-perl即可.命令行运行:sudo apt-get install libne ...