[root@localhost temp]# tar -zxvf logstash-5.3..tar.gz -C /usr/local/

[root@localhost temp]# vim logstatsh_test.conf

==============================================================================================================

input {

    stdin {

    }

}

output {

    stdout {

    codec => rubydebug {}

    }

}

==============================================================================================================

[root@localhost temp]# /usr/local/logstash-5.3./bin/logstash -f logstatsh_test.conf

Sending Logstash's logs to /usr/local/logstash-5.3.2/logs which is now configured via log4j2.properties

[--04T10::,][INFO ][logstash.pipeline        ] Starting pipeline {"id"=>"main", "pipeline.workers"=>, "pipeline.batch.size"=>, "pipeline.batch.delay"=>, "pipeline.max_inflight"=>}

[--04T10::,][INFO ][logstash.pipeline        ] Pipeline main started

The stdin plugin is now waiting for input:

[--04T10::,][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>}

I love you so much!

{

    "@timestamp" => --04T02::.058Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "I love you so much!"

}

Me too!

{

    "@timestamp" => --04T02::.527Z,

      "@version" => "",

          "host" => "localhost.localdomain",

       "message" => "Me too!"

}

==============================================================================================================

# 运行机器至少4G内存
[root@localhost temp]# tar -zxvf elasticsearch-5.3..tar.gz

[nescafe@localhost temp]$ mkdir elasticsearch

[nescafe@localhost temp]$ cd elasticsearch

[nescafe@localhost elasticsearch]$ mkdir data

[nescafe@localhost elasticsearch]$ mkdir logs

[root@localhost temp]# vim elasticsearch-5.3./config/elasticsearch.yml

path.data: /home/nescafe/temp/elasticsearch/data

path.logs: /home/nescafe/temp/elasticsearch/logs

network.host: 192.168.1.105

http.port:

discovery.zen.ping.unicast.hosts: ["127.0.0.1", "192.168.1.105"]

discovery.zen.minimum_master_nodes:


# 以下命令nescafe换成当前对应用户

[root@localhost temp]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@localhost temp]# cat /etc/security/limits.conf | grep -v "nescafe" > /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe hard nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# echo "nescafe soft nofile 65536" >> /tmp/system_limits.conf

[root@localhost temp]# mv /tmp/system_limits.conf /etc/security/limits.conf

mv:是否覆盖"/etc/security/limits.conf"? y

[nescafe@localhost temp]$ ulimit -Hn

[root@localhost temp]# cat /etc/sysctl.conf | grep -v "vm.max_map_count" > /tmp/system_sysctl.conf

[root@localhost temp]# echo "vm.max_map_count=262144" >> /tmp/system_sysctl.conf

[root@localhost temp]# mv /tmp/system_sysctl.conf /etc/sysctl.conf

mv:是否覆盖"/etc/sysctl.conf"? y

[root@localhost temp]# sysctl -p

vm.max_map_count = 

[root@localhost temp]# su nescafe

[nescafe@localhost temp]$ elasticsearch-5.3./bin/elasticsearch

==============================================================================================================

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initializing ...

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] using [] data paths, mounts [[/home (/dev/mapper/cl-home)]], net usable_space [.7gb], net total_space [.9gb], spins? [possibly], types [xfs]

[--04T11::,][INFO ][o.e.e.NodeEnvironment    ] [AlphaGo] heap size [.9gb], compressed ordinary object pointers [true]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] node name [AlphaGo], node ID [XifXogadR3-lA9yHSIumjw]

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] version[5.3.], pid[], build[/--24T16::.481Z], OS[Linux/3.10.-514.16..el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) -Bit Server VM/1.8.0_121/25.121-b13]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [aggs-matrix-stats]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [ingest-common]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-expression]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-groovy]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-mustache]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [lang-painless]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [percolator]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [reindex]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty3]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] loaded module [transport-netty4]

[--04T11::,][INFO ][o.e.p.PluginsService     ] [AlphaGo] no plugins loaded

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] initialized

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] starting ...

[--04T11::,][INFO ][o.e.t.TransportService   ] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.b.BootstrapChecks    ] [AlphaGo] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks

[--04T11::,][WARN ][o.e.n.Node               ] [AlphaGo] timed out while waiting for initial discovery state - timeout: 30s

[--04T11::,][INFO ][o.e.h.n.Netty4HttpServerTransport] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}

[--04T11::,][INFO ][o.e.n.Node               ] [AlphaGo] started

==============================================================================================================

# http://192.168.1.105:9200/

{

  "name" : "AlphaGo",

  "cluster_name" : "elasticsearch",

  "cluster_uuid" : "_na_",

  "version" : {

    "number" : "5.3.2",

    "build_hash" : "",

    "build_date" : "2017-04-24T16:15:59.481Z",

    "build_snapshot" : false,

    "lucene_version" : "6.4.2"

  },

  "tagline" : "You Know, for Search"

}

==============================================================================================================
[nescafe@localhost temp]$ git clone git://github.com/mobz/elasticsearch-head.git
正克隆到 'elasticsearch-head'...
remote: Counting objects: 4063, done.
remote: Total 4063 (delta 0), reused 0 (delta 0), pack-reused 4063
接收对象中: 100% (4063/4063), 2.10 MiB | 10.00 KiB/s, done.
处理 delta 中: 100% (2222/2222), done.

ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )的更多相关文章

  1. 使用ELK(Elasticsearch + Logstash + Kibana) 搭建日志集中分析平台实践--转载

    原文地址:https://wsgzao.github.io/post/elk/ 另外可以参考:https://www.digitalocean.com/community/tutorials/how- ...

  2. CentOS 6.x ELK(Elasticsearch+Logstash+Kibana)

    CentOS 6.x ELK(Elasticsearch+Logstash+Kibana) 前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案, ...

  3. 键盘侠Linux干货| ELK(Elasticsearch + Logstash + Kibana) 搭建教程

    前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案,分析网站的访问情况时我们一般会借助 Google / 百度 / CNZZ 等方式嵌入 JS ...

  4. ELk(Elasticsearch, Logstash, Kibana)的安装配置

    目录 ELk(Elasticsearch, Logstash, Kibana)的安装配置 1. Elasticsearch的安装-官网 2. Kibana的安装配置-官网 3. Logstash的安装 ...

  5. 基于CentOS6.5或Ubuntu14.04下Suricata里搭配安装 ELK (elasticsearch, logstash, kibana)(图文详解)

    前期博客 基于CentOS6.5下Suricata(一款高性能的网络IDS.IPS和网络安全监控引擎)的搭建(图文详解)(博主推荐) 基于Ubuntu14.04下Suricata(一款高性能的网络ID ...

  6. (转)开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    Github, Soundcloud, FogCreek, Stackoverflow, Foursquare,等公司通过elasticsearch提供搜索或大规模日志分析可视化等服务.博主近4个月搜 ...

  7. 开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引

    from:  http://www.w3c.com.cn/%E5%BC%80%E6%BA%90%E5%88%86%E5%B8%83%E5%BC%8F%E6%90%9C%E7%B4%A2%E5%B9%B ...

  8. 【转】ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析平台

    [转自]https://my.oschina.net/itblog/blog/547250 摘要: 前段时间研究的Log4j+Kafka中,有人建议把Kafka收集到的日志存放于ES(ElasticS ...

  9. ELK(ElasticSearch+Logstash+ Kibana)搭建实时日志分析平台

    一.简介 ELK 由三部分组成elasticsearch.logstash.kibana,elasticsearch是一个近似实时的搜索平台,它让你以前所未有的速度处理大数据成为可能. Elastic ...

随机推荐

  1. TreeView控件实践

    TreeView控件可以通过HierarchicalDataTemplate 和 DataTemplate来自定义. 1)HierarchicalDataTemplate用来支持HeaderedIte ...

  2. MySQL on Azure高可用性设计 DRBD - Corosync - Pacemaker - CRM (二)

    在上一篇文章中描述了MySQL HA on Azured 设计思路,本篇文章中将描述具体的部署,每个组件的安装和配置. 整体的设计架构如下: 下面将是所有组件的安装配置过程,所有的虚拟机是CentOS ...

  3. HDOJ1059(多重部分和问题)

    #include<cstdio> #include<cstring> using namespace std; +; ]; int dp[SIZE]; bool check() ...

  4. play 学习 一 : 构建SBT的play项目

    因为帮一个朋友做一个简单的项目,档案管理.同时也为了自己能学习PLay框架,所以记录一下. 项目GitHub地址: https://github.com/liufeiSAP/ArchiveManage ...

  5. java基础知识(11)---多线程

    多线程: 进程:正在进行中的程序.其实进程就是一个应用程序运行时的内存分配空间. 线程:其实就是进程中一个程序执行控制单元,一条执行路径.进程负责的是应用程序的空间的标示.线程负责的是应用程序的执行顺 ...

  6. <正则吃饺子> :关于gson使用的一点总结

    一.场景 在群里看到的信息:在使用 gson时候,报了个错 :java.lang.IllegalArgumentException:   declares multiple JSON fields n ...

  7. WEB服务器(IIS)的配置与管理

    安装Web服务器(IIS) 在"服务器管理器"-"角色"-"添加角色"-选择"Web服务器(IIS)"进行安装 这里,我 ...

  8. OS X 10.9 Mavericks下显示和隐藏文件(区别10.8.*)

    我们常常在Windows系统下通过界面设置显示和隐藏文件,在Mac OS X通常采用defaults write命令来解决这个问题. 之前的OS X 10.8.*系统可以使用如下两条命令来开始或者关闭 ...

  9. shell监测磁盘使用并发送邮件

    linux sendEmail工具的安装使用    1.下载文件 #wget  http://files.cnblogs.com/files/sunziying/sendEmail-v1.56.tar ...

  10. [poj3264]rmq算法学习(ST表)

    解题关键:rmq模板题,可以用st表,亦可用线段树等数据结构 log10和log2都可,这里用到了对数的换底公式 类似于区间dp,用到了倍增的思想 $F[i][j] = \min (F[i][j - ...