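First, let's look at which software packages need to be installed:
ruby: required to run Kibana
rubygems: required to install Ruby extensions
bundler: works similarly to yum
JDK: required to run Java programs
redis: handles the log queue
logstash: collects and filters logs
ElasticSearch: full-text search service (logstash ships with a built-in one)
kibana: web page display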
192.168.18.240 logstash index,kibana,JDK
192.168.18.241 logstash agent,JDK
192.168.18.242 redis
192.168.18.243 ElasticSearch,JDK
First, install redis (192.168.18.242)
# wget http://redis.googlecode.com/files/redis-2.6.12.tar.gz
# tar zxvf redis-2.6.12.tar.gz
# mv redis-2.6.12 redis
# cd redis
# make -j24
# make install
# vi /root/soft/redis/redis.conf
Change the log level to: loglevel verbose
# redis-server /root/soft/redis/redis.conf &
Check the status of the redis service
# lsof -i:6379
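An added example, not part of the original post: redis 2.6.12 ships with bind and requirepass commented out, and the only edit made above is the log level, so the queue on 192.168.18.242 accepts connections from any host that can reach port 6379. The script below checks a redis.conf for those two directives; the sample files and the placeholder secret are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): flag a redis.conf that leaves
# the log queue reachable without restriction. Sample files are constructed.

# Print the last active (uncommented) value of a directive, or nothing.
conf_value() {  # $1 = config file, $2 = directive name (lowercase)
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { if (val != "") print val }' "$1"
}

# Print one finding per line, or "OK" when nothing is flagged.
audit_redis_conf() {  # $1 = path to redis.conf
    findings=0
    if [ -z "$(conf_value "$1" bind)" ]; then
        echo "NO_BIND: redis listens on every interface"
        findings=$((findings + 1))
    fi
    if [ -z "$(conf_value "$1" requirepass)" ]; then
        echo "NO_AUTH: any host that reaches port 6379 can read or write the queue"
        findings=$((findings + 1))
    fi
    if [ "$findings" -eq 0 ]; then echo "OK"; fi
    return 0
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT

# Constructed sample 1: stock file with only the loglevel edit from this post.
cat > "$tmp/as_installed.conf" <<'EOF'
port 6379
# bind 127.0.0.1
loglevel verbose
# requirepass foobared
EOF

# Constructed sample 2: queue bound to the redis host's LAN address, with auth.
cat > "$tmp/restricted.conf" <<'EOF'
port 6379
bind 192.168.18.242
loglevel verbose
requirepass REPLACE_WITH_LONG_RANDOM_SECRET
EOF

for f in "$tmp/as_installed.conf" "$tmp/restricted.conf"; do
    echo "== $(basename "$f")"; audit_redis_conf "$f"
done
```

If requirepass is set, the redis blocks in both logstash configs need a matching password option.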
Install elasticsearch (192.168.18.243)
# vi /etc/apt/sources.list
deb http://ftp.debian.org/debian/ squeeze main non-free
deb-src http://ftp.debian.org/debian/ squeeze main non-free
# apt-get update
# apt-cache search sun-java
# apt-get install sun-java6-jdk sun-java6-jre
# java -version
# wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-0.20.6.zip
# unzip elasticsearch-0.20.6.zip
# mv elasticsearch-0.20.6 /usr/local/share/elasticsearch
# cd /usr/local/share/elasticsearch/bin/
# ./elasticsearch -f
Install the base software environment on the logstash index host (192.168.18.240):
Now install logstash (logstash is really just a Java program and needs no installation... just download it and run it)
# wget https://logstash.objects.dreamhost.com/release/logstash-1.1.9-monolithic.jar
# vi /root/soft/redis.conf
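input {
  # Pull the events that the agents pushed onto the redis list
  redis {
    host => '192.168.18.242'
    data_type => 'list'
    port => "6379"
    key => 'logstash:redis'
    type => 'redis-input'
  }
}
output {
  # Index the events into the elasticsearch node
  elasticsearch {
    host => '192.168.18.243'
    port => "9300"
  }
}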
# java -jar /root/soft/logstash-1.1.9-monolithic.jar agent -f /root/soft/redis.conf -- web --backend elasticsearch:///?local
Configure the logstash agent (192.168.18.241)
Install sun-java6-jre and sun-java6-jdk
# wget https://logstash.objects.dreamhost.com/release/logstash-1.1.9-monolithic.jar
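# Agent config, saved as the file passed to -f in the command that follows
input {
  stdin {
    type => "stdin-type"
  }
  file {
    type => "linux-syslog"
    # Wildcards work, here :)
    path => [ "/var/log/*.log", "/var/log/messages", "/var/log/syslog" ]
  }
}
output {
  # Push events onto the same redis list the index host reads from
  redis {
    host => '192.168.18.242'
    data_type => 'list'
    key => 'logstash:redis'
  }
}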
# java -jar /root/soft/logstash-1.1.9-monolithic.jar agent -f /root/soft/redis.conf &
OK, the last piece is Kibana. I installed Kibana on the logstash index host.
# apt-get install ruby rubygems
# gem install bundler
# bundle install
( /var/lib/gems/1.8/bin/bundle install )
The steps above set up the Ruby runtime environment.
# wget -O Kibana-0.2.0.tar.gz https://github.com/rashidkpc/Kibana/archive/v0.2.0.tar.gz
# tar zxvf Kibana-0.2.0.tar.gz
# cd Kibana-0.2.0
Just install it directly; this is very simple because we already installed bundle earlier.
Edit the configuration file to point at elasticsearch:
# vim KibanaConfig.rb
.....
Elasticsearch = "192.168.18.243:9200"
KibanaPort = 5601
KibanaHost = '0.0.0.0'
These are the main parameters.
Starting it requires ruby:
# /usr/bin/ruby kibana.rb &
# == Sinatra/1.3.5 has taken the stage on 5601 for development with backup from Thin
>> Thin web server (v1.5.0 codename Knife)
>> Maximum connections set to 1024
>> Listening on 0.0.0.0:5601, CTRL+C to stop
If none of the Ruby pieces are missing, startup goes smoothly. OK, now check the state of port 5601:
# lsof -i:5601
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
ruby 3116 root 5u IPv4 28947 TCP *:esmagent (LISTEN)
(Screenshot: http://img1.51cto.com/attachment/201303/133220759.jpg)
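Heh, this is exactly the result we wanted: logs are aggregated in real time on the logstash index host, where we can query them. Of course, this is only the first step in using logstash; for more advanced features, see the official documentation.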