ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )
[root@localhost temp]# tar -zxvf logstash-5.3..tar.gz -C /usr/local/
[root@localhost temp]# vim logstatsh_test.conf
==============================================================================================================
input {
stdin {
}
}
output {
stdout {
codec => rubydebug {}
}
}
==============================================================================================================
[root@localhost temp]# /usr/local/logstash-5.3./bin/logstash -f logstatsh_test.conf
Sending Logstash's logs to /usr/local/logstash-5.3.2/logs which is now configured via log4j2.properties
[--04T10::,][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>, "pipeline.batch.size"=>, "pipeline.batch.delay"=>, "pipeline.max_inflight"=>}
[--04T10::,][INFO ][logstash.pipeline ] Pipeline main started
The stdin plugin is now waiting for input:
[--04T10::,][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>}
I love you so much!
{
"@timestamp" => --04T02::.058Z,
"@version" => "",
"host" => "localhost.localdomain",
"message" => "I love you so much!"
}
Me too!
{
"@timestamp" => --04T02::.527Z,
"@version" => "",
"host" => "localhost.localdomain",
"message" => "Me too!"
}
============================================================================================================== # 运行机器至少4G内存
[root@localhost temp]# tar -zxvf elasticsearch-5.3..tar.gz
[nescafe@localhost temp]$ mkdir elasticsearch
[nescafe@localhost temp]$ cd elasticsearch
[nescafe@localhost elasticsearch]$ mkdir data
[nescafe@localhost elasticsearch]$ mkdir logs
[root@localhost temp]# vim elasticsearch-5.3./config/elasticsearch.yml path.data: /home/nescafe/temp/elasticsearch/data
path.logs: /home/nescafe/temp/elasticsearch/logs
network.host: 192.168.1.105
http.port:
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "192.168.1.105"]
discovery.zen.minimum_master_nodes:
# 以下命令nescafe换成当前对应用户
[root@localhost temp]# cp /etc/security/limits.conf /etc/security/limits.conf.bak
[root@localhost temp]# cat /etc/security/limits.conf | grep -v "nescafe" > /tmp/system_limits.conf
[root@localhost temp]# echo "nescafe hard nofile 65536" >> /tmp/system_limits.conf
[root@localhost temp]# echo "nescafe soft nofile 65536" >> /tmp/system_limits.conf
[root@localhost temp]# mv /tmp/system_limits.conf /etc/security/limits.conf
mv:是否覆盖"/etc/security/limits.conf"? y
[nescafe@localhost temp]$ ulimit -Hn [root@localhost temp]# cat /etc/sysctl.conf | grep -v "vm.max_map_count" > /tmp/system_sysctl.conf
[root@localhost temp]# echo "vm.max_map_count=262144" >> /tmp/system_sysctl.conf
[root@localhost temp]# mv /tmp/system_sysctl.conf /etc/sysctl.conf
mv:是否覆盖"/etc/sysctl.conf"? y
[root@localhost temp]# sysctl -p
vm.max_map_count = [root@localhost temp]# su nescafe
[nescafe@localhost temp]$ elasticsearch-5.3./bin/elasticsearch
==============================================================================================================
[--04T11::,][INFO ][o.e.n.Node ] [AlphaGo] initializing ...
[--04T11::,][INFO ][o.e.e.NodeEnvironment ] [AlphaGo] using [] data paths, mounts [[/home (/dev/mapper/cl-home)]], net usable_space [.7gb], net total_space [.9gb], spins? [possibly], types [xfs]
[--04T11::,][INFO ][o.e.e.NodeEnvironment ] [AlphaGo] heap size [.9gb], compressed ordinary object pointers [true]
[--04T11::,][INFO ][o.e.n.Node ] [AlphaGo] node name [AlphaGo], node ID [XifXogadR3-lA9yHSIumjw]
[--04T11::,][INFO ][o.e.n.Node ] [AlphaGo] version[5.3.], pid[], build[/--24T16::.481Z], OS[Linux/3.10.-514.16..el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) -Bit Server VM/1.8.0_121/25.121-b13]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [aggs-matrix-stats]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [ingest-common]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [lang-expression]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [lang-groovy]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [lang-mustache]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [lang-painless]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [percolator]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [reindex]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [transport-netty3]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] loaded module [transport-netty4]
[--04T11::,][INFO ][o.e.p.PluginsService ] [AlphaGo] no plugins loaded
[--04T11::,][INFO ][o.e.n.Node ] [AlphaGo] initialized
[--04T11::,][INFO ][o.e.n.Node ] [AlphaGo] starting ...
[--04T11::,][INFO ][o.e.t.TransportService ] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}
[--04T11::,][INFO ][o.e.b.BootstrapChecks ] [AlphaGo] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks
[--04T11::,][WARN ][o.e.n.Node ] [AlphaGo] timed out while waiting for initial discovery state - timeout: 30s
[--04T11::,][INFO ][o.e.h.n.Netty4HttpServerTransport] [AlphaGo] publish_address {192.168.1.105:}, bound_addresses {192.168.1.105:}
[--04T11::,][INFO ][o.e.n.Node ] [AlphaGo] started
==============================================================================================================
# http://192.168.1.105:9200/
{
"name" : "AlphaGo",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "_na_",
"version" : {
"number" : "5.3.2",
"build_hash" : "",
"build_date" : "2017-04-24T16:15:59.481Z",
"build_snapshot" : false,
"lucene_version" : "6.4.2"
},
"tagline" : "You Know, for Search"
}
==============================================================================================================
[nescafe@localhost temp]$ git clone git://github.com/mobz/elasticsearch-head.git
正克隆到 'elasticsearch-head'...
remote: Counting objects: 4063, done.
remote: Total 4063 (delta 0), reused 0 (delta 0), pack-reused 4063
接收对象中: 100% (4063/4063), 2.10 MiB | 10.00 KiB/s, done.
处理 delta 中: 100% (2222/2222), done.
ELK(ElasticSearch, Logstash, Kibana) v5.3.2 分布式日志收集分析最佳解决方案 基于CentOS 7 ( 一 )的更多相关文章
- 使用ELK(Elasticsearch + Logstash + Kibana) 搭建日志集中分析平台实践--转载
原文地址:https://wsgzao.github.io/post/elk/ 另外可以参考:https://www.digitalocean.com/community/tutorials/how- ...
- CentOS 6.x ELK(Elasticsearch+Logstash+Kibana)
CentOS 6.x ELK(Elasticsearch+Logstash+Kibana) 前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案, ...
- 键盘侠Linux干货| ELK(Elasticsearch + Logstash + Kibana) 搭建教程
前言 Elasticsearch + Logstash + Kibana(ELK)是一套开源的日志管理方案,分析网站的访问情况时我们一般会借助 Google / 百度 / CNZZ 等方式嵌入 JS ...
- ELk(Elasticsearch, Logstash, Kibana)的安装配置
目录 ELk(Elasticsearch, Logstash, Kibana)的安装配置 1. Elasticsearch的安装-官网 2. Kibana的安装配置-官网 3. Logstash的安装 ...
- 基于CentOS6.5或Ubuntu14.04下Suricata里搭配安装 ELK (elasticsearch, logstash, kibana)(图文详解)
前期博客 基于CentOS6.5下Suricata(一款高性能的网络IDS.IPS和网络安全监控引擎)的搭建(图文详解)(博主推荐) 基于Ubuntu14.04下Suricata(一款高性能的网络ID ...
- (转)开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引
Github, Soundcloud, FogCreek, Stackoverflow, Foursquare,等公司通过elasticsearch提供搜索或大规模日志分析可视化等服务.博主近4个月搜 ...
- 开源分布式搜索平台ELK(Elasticsearch+Logstash+Kibana)入门学习资源索引
from: http://www.w3c.com.cn/%E5%BC%80%E6%BA%90%E5%88%86%E5%B8%83%E5%BC%8F%E6%90%9C%E7%B4%A2%E5%B9%B ...
- 【转】ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析平台
[转自]https://my.oschina.net/itblog/blog/547250 摘要: 前段时间研究的Log4j+Kafka中,有人建议把Kafka收集到的日志存放于ES(ElasticS ...
- ELK(ElasticSearch+Logstash+ Kibana)搭建实时日志分析平台
一.简介 ELK 由三部分组成elasticsearch.logstash.kibana,elasticsearch是一个近似实时的搜索平台,它让你以前所未有的速度处理大数据成为可能. Elastic ...
随机推荐
- windows7下安装gem包---bcrypt-ruby
在Gemfile中添加 gem 'bcrypt-ruby', '~> 3.0.0' 然后执行bundle install,rails服务启动没有问题,但是运行程序时页面报错如下: cannot ...
- MyBatis总结(1)
MyBatis前身是ibatis,是一个数据持久层框架.封装优化了普通JDBC过程, 如数据库连接的创建.设置SQL语句参数.执行SQL语句.事务.结果映射以及资源释放等. MyBatis是一个支持普 ...
- ssh功能模块——paramiko
参考官网文档:http://docs.paramiko.org/
- 如何从光盘本地安装CentOS 7图形界面(Gnome GUI)
本例中通过在CentOS 7中修改repo文件,直接从光盘或者ISO镜像文件安装Gnome图形界面(Gnome GUI),从而避免耗时从官网或镜像下载. 1.首先确保光盘或者ISO镜像文件正确连接到客 ...
- [poj1088]滑雪(二维最长下降子序列)
解题关键:记忆化搜索 #include<cstdio> #include<cstring> #include<algorithm> #include<cstd ...
- docker里安装ubuntu
使用 Ubuntu 官方镜像 Ubuntu 相关的镜像有很多,这里使用 -s 10 参数,只搜索那些被收藏 10 次以上的镜像 $ docker search -s 10 ubuntu NAME DE ...
- 面试题: 数据库 真实面试题已看1 操作语句 存储过程 挺好 sql语句练习 有用
今天到某公司笔试,数据库考的比较多,但是说老实话,考的也比较基础.现在趁回忆得起来,将数据库知识简单整理如下: 一.建表指令 比如创建一个学生表student,它由学号Sno,姓名Sname,性别Ss ...
- hadoop作业调优参数整理及原理
hadoop作业调优参数整理及原理 10/22. 2013 1 Map side tuning参数 1.1 MapTask运行内部原理 当map task开始运算,并产生中间数据时,其产生的中间结果并 ...
- macos下清除dnscache
sudo killall -HUP mDNSResponder 参见链接
- Linux/Unix 指令使用说明的格式介绍(the Bash Command 'Usage' Syntax)
Linux/Unix 指令使用说明的格式介绍(the Bash Command 'Usage' Syntax) 摘自 金马的Blog 原文 http://www.lijinma.com/blo ...