0.拓扑图

参考:https://www.cnblogs.com/JetpropelledSnake/p/10057545.html

官网: http://kafka.apache.org/documentation.html#introduction  kafka原理

https://www.cnblogs.com/jixp/articles/9435699.html    Kafka全解析  https://blog.csdn.net/vinfly_li/article/details/79397201

1.logstash的配置

[root@VM_0_4_centos config]# cat wxqyh.yml|egrep -v '^$|^#'

input {

     file {

          type => "4personal20001"

          path => "/mnt/data/logs/personal_20001/log4j.log"

          start_position => "beginning"

          sincedb_path => "/dev/null"

          codec => multiline {

          pattern => "^%{TIMESTAMP_ISO8601}"

          negate => true

          what => "previous"

    }

}

     file {

          type => "4personal20002"

          path => "/mnt/data/logs/personal_20002/log4j.log"

          start_position => "beginning"

          sincedb_path => "/dev/null"

          codec => multiline {

          pattern => "^%{TIMESTAMP_ISO8601}"

          negate => true

          what => "previous"

    }

}

}

filter { 

grok   {

     match => {

               "message" => "^%{TIMESTAMP_ISO8601}\[%{WORD:level} %{GREEDYDATA:ajpcon}\| %{GREEDYDATA:data}"

              }

              match => {

               "message" => "^%{TIMESTAMP_ISO8601}\[ %{WORD:level} %{GREEDYDATA:ajpcon}\| %{GREEDYDATA:data}"

              }

              remove_field  => "message"

       }

       }

output {

    if [type] == "4personal20001" {

    kafka {
           max_request_size => 10485761

           bootstrap_servers => "10.0.0.134:9092"

           topic_id => "topic4personal1"

           compression_type => "snappy"

          }

}

    if [type] == "4personal20002" {

    kafka {
           max_request_size => 10485761

           bootstrap_servers => "10.0.0.134:9092"

           topic_id => "topic4personal2"

           compression_type => "snappy"

          }

}

}

2.kafka的配置

[root@VM_0_134_centos config]# cat server.properties|egrep -v '^$|^#'

broker.id=

listeners=PLAINTEXT://10.0.0.134:9092

advertised.listeners=PLAINTEXT://10.0.0.134:9092

num.network.threads=

num.io.threads=

socket.send.buffer.bytes=

socket.receive.buffer.bytes=

socket.request.max.bytes=

message.max.bytes=

replica.fetch.max.bytes=

log.dirs=/mnt/data/monitor01/kafka_2.-1.1./data

num.partitions=

num.recovery.threads.per.data.dir=

offsets.topic.replication.factor=

transaction.state.log.replication.factor=

transaction.state.log.min.isr=

log.retention.hours=

log.segment.bytes=

log.retention.check.interval.ms=

zookeeper.connect=localhost:

zookeeper.connection.timeout.ms=

group.initial.rebalance.delay.ms=

3.logstash2的配置

[root@VM_0_134_centos config]# cat haode.yml|egrep -v '^$|^#'

input {

  kafka {

     type => "topic12wxqyh8"

     codec => "plain"

     topics => ["topic12wxqyh8"]

     client_id => "es1"

     group_id => "es1"

     bootstrap_servers => "10.0.0.134:9092"

  }

  kafka {

     type => "topic12wxqyh9"

     codec => "plain"

     topics => ["topic12wxqyh9"]

     client_id => "es2"

     group_id => "es2"

     bootstrap_servers => "10.0.0.134:9092"

  }

  kafka {

     type => "topic24wxqyh6"

     codec => "plain"

     topics => ["topic24wxqyh6"]

     client_id => "es3"

     group_id => "es3"

     bootstrap_servers => "10.0.0.134:9092"

  }

  kafka {

     type => "topic24wxqyh7"

     codec => "plain"

     topics => ["topic24wxqyh7"]

     client_id => "es4"

     group_id => "es4"

     bootstrap_servers => "10.0.0.134:9092"

  }

  kafka {

     type => "topic4personal1"

     codec => "plain"

     topics => ["topic4personal1"]

     client_id => "es5"

     group_id => "es5"

     bootstrap_servers => "10.0.0.134:9092"

  }

  kafka {

     type => "topic4personal2"

     codec => "plain"

     topics => ["topic4personal2"]

     client_id => "es6"

     group_id => "es6"

     bootstrap_servers => "10.0.0.134:9092"

  }

}

output {

  if [type] == "topic12wxqyh8" {

     elasticsearch {

       index => "topic12wxqyh8"

       hosts => ["10.0.0.7:9200"]

     }

  }

  if [type] == "topic12wxqyh9" {

     elasticsearch {

        index => "topic12wxqyh9"

        hosts => ["10.0.0.7:9200"]

     }

  }

  if [type] == "topic24wxqyh6" {

     elasticsearch {

       index => "topic24wxqyh6"

       hosts => ["10.0.0.7:9200"]

     }

  }

  if [type] == "topic24wxqyh7" {

     elasticsearch {

       index => "topic24wxqyh7"

       hosts => ["10.0.0.7:9200"]

     }

  }

  if [type] == "topic4personal1" {

     elasticsearch {

       index => "topic4personal1"

       hosts => ["10.0.0.7:9200"]

     }

  }

  if [type] == "topic4personal2" {

     elasticsearch {

       index => "topic4personal2"

       hosts => ["10.0.0.7:9200"]

     }

  }

}

参考:https://www.cnblogs.com/swordfall/p/8860941.html#auto_id_4

4.kafka的问题:

4.1zookeeper--选主,提供访问入口

4.2 Kafka的原理

生产者将数据发送到Broker代理,Broker代理有多个话题topic,消费者从Broker获取数据。

参考: https://zhuanlan.zhihu.com/p/97030680

5.partion--相当于es的shard

logstash1 - kafka - logstash2 - elasticsearch - kibana的更多相关文章

  1. Filebeat+Kafka+Logstash+ElasticSearch+Kibana搭建完整版

    1. 了解各个组件的作用 Filebeat是一个日志文件托运工具,在你的服务器上安装客户端后,filebeat会监控日志目录或者指定的日志文件,追踪读取这些文件(追踪文件的变化,不停的读) Kafka ...

  2. Filebeat+Kafka+Logstash+ElasticSearch+Kibana 日志采集方案

    前言 Elastic Stack 提供 Beats 和 Logstash 套件来采集任何来源.任何格式的数据.其实Beats 和 Logstash的功能差不多,都能够与 Elasticsearch 产 ...

  3. lagstash + elasticsearch + kibana 3 + kafka 日志管理系统部署 02

    因公司数据安全和分析的需要,故调研了一下 GlusterFS + lagstash + elasticsearch + kibana 3 + redis 整合在一起的日志管理应用: 安装,配置过程,使 ...

  4. Flink SQL结合Kafka、Elasticsearch、Kibana实时分析电商用户行为

    body { margin: 0 auto; font: 13px / 1 Helvetica, Arial, sans-serif; color: rgba(68, 68, 68, 1); padd ...

  5. 安装logstash,elasticsearch,kibana三件套

    logstash,elasticsearch,kibana三件套 elk是指logstash,elasticsearch,kibana三件套,这三件套可以组成日志分析和监控工具 注意: 关于安装文档, ...

  6. 使用logstash+elasticsearch+kibana快速搭建日志平台

    日志的分析和监控在系统开发中占非常重要的地位,系统越复杂,日志的分析和监控就越重要,常见的需求有: * 根据关键字查询日志详情 * 监控系统的运行状况 * 统计分析,比如接口的调用次数.执行时间.成功 ...

  7. 安装logstash,elasticsearch,kibana三件套(转)

    logstash,elasticsearch,kibana三件套 elk是指logstash,elasticsearch,kibana三件套,这三件套可以组成日志分析和监控工具 注意: 关于安装文档, ...

  8. logstash+elasticsearch+kibana快速搭建日志平台

    使用logstash+elasticsearch+kibana快速搭建日志平台   日志的分析和监控在系统开发中占非常重要的地位,系统越复杂,日志的分析和监控就越重要,常见的需求有: 根据关键字查询日 ...

  9. 快速搭建应用服务日志收集系统(Filebeat + ElasticSearch + kibana)

    快速搭建应用服务日志收集系统(Filebeat + ElasticSearch + kibana) 概要说明 需求场景,系统环境是CentOS,多个应用部署在多台服务器上,平时查看应用日志及排查问题十 ...

随机推荐

  1. The websites related Laravel 相关网站(内容将不断更新)

    https://laraveldaily.com/ 文章内容质量很高

  2. update更新操作的URL地址

    http://localhost:8080/updateById/110?name=诸葛亮&age=3

  3. 我终于搞清楚了和String有关的那点事儿。

    String,是Java中除了基本数据类型以外,最为重要的一个类型了.很多人会认为他比较简单.但是和String有关的面试题有很多,下面我随便找两道面试题,看看你能不能都答对: Q1:String s ...

  4. python 局域网文件互传

    PCa: import socket Sockin = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) #新建socket Sockin.bind(( ...

  5. vue实战_从头开始搭建vue工程

    写在前面:vue工程入口文件分析 /index.html,/src/main.js,/src/APP.vue /index.html文件示例: <!DOCTYPE html> <ht ...

  6. 解决Maven的jar包冲突问题

    1. 问题描述 控制台说:无法将 com.zpx.servlet.MyServlet 识别为 javax.servlet.Servlet 2. 问题原因 Maven的一个核心功能就是一键构建,所以Ma ...

  7. DSSM算法-计算文本相似度

    转载请注明出处: http://blog.csdn.net/u013074302/article/details/76422551 导语 在NLP领域,语义相似度的计算一直是个难题:搜索场景下quer ...

  8. the requested PHP extension dom is missing from your system

    composer  出错 the requested PHP extension dom is missing from your system 解决办法    yum install  php70w ...

  9. Linux中查看系统资源占用情况的命令

    用 'top -i' 看看有多少进程处于 Running 状态,可能系统存在内存或 I/O 瓶颈,用 free 看看系统内存使用情况,swap 是否被占用很多,用 iostat 看看 I/O 负载情况 ...

  10. Methods for Identifying Out-of-Trend Results in Ongoing Stability Data

     python机器学习-乳腺癌细胞挖掘(博主亲自录制视频) https://study.163.com/course/introduction.htm?courseId=1005269003& ...