OS:centos6.6 64bit
java:jdk-7u79-linux-x64.rpm
E:elasticsearch-1.7.3.tar.gz
L:logstash-1.5.6-1.noarch.rpm
K:kibana-4.1.2-linux-x64.tar.gz
elasticsearch-2.1.1
kibana-4.3.1
logstash-2.1.1-1
filebeat-1.0.1
https://www.elastic.co/downloads/past-releases/logstash-1-5-6
https://www.elastic.co/downloads/past-releases/kibana-4-1-4
https://www.elastic.co/downloads/past-releases/elasticsearch-1-7-4
rpm -ivh elasticsearch-1.7.4.noarch.rpm
rpm -ivh logstash-1.5.6-1.noarch.rpm
# tar zxvf kibana-4.1.4-linux-x64.tar.gz
//這本身就是拆箱即用的東西, 我們給它找個好地方放起來
# mv kibana-4.1.4-linux-x64/ /usr/local/kibana
# ln -sv /usr/local/kibana/bin/kibana /usr/bin/kibana
#http://mo0on.blog.51cto.com/10522787/1729618 配置redis
# tar zxvf redis-3.0.6.tar.gz
# cd redis-3.0.6
# make PREFIX=/usr/local/redis install
//這裡糾結一下, redis如果不指定prefix路徑,那麼預設會在你這個解壓的檔案夾中編譯生成bin檔案
# ln -sv /usr/local/redis/bin/redis-server /usr/bin/redis-server
# ln -sv /usr/local/redis/bin/redis-cli /usr/bin/redis-cli
/usr/share/elasticsearch/bin/elasticsearch
/etc/logstash/conf.d/
logstash配置
Shipper->Broker->Indexer->ES
其中, Shipper可以了解為監控節點,将所有的(分布式業務中)業務産生的消息(log)發送給Broker,然後,Indexer從Broker讀取資料并推送給ES,我們就可以用kibana中擷取想要的資訊了
這裡我們糾結一下input的file配置:
首先,這個file插件隻是在程序運作的注冊階段初始化的一個FileWatch對象,它并不能支援l類似fluentd那樣的 path => "/path/to/%{+yyyy/MM/dd/hh}.log"
indexer.conf
input {
redis {
host => "127.0.0.1"
port => 6379
password => "8ff35947f8efe8db806622f6a98a1ea3"
type => "redis-input"
data_type => "list"
key => "key_count"
}
}
output {
stdout {}
elasticsearch {
cluster => "elasticsearch"
codec => "json"
protocol => "http"
}
shipper.conf
file {
path => ["/var/log/*.log", "/var/log/message"]
type => "system"
start_position => "beginning"
stdout {}
redis {
service logstash start
/usr/bin/kibana &
#ln -sv /usr/local/java/bin/java /usr/bin/java
報錯
{"name":"Kibana","hostname":"localhost","pid":18106,"level":30,"msg":"No existing kibana index found","time":"2016-10-14T08:01:33.983Z","v":0}
{"name":"Kibana","hostname":"localhost","pid":18106,"level":30,"msg":"Listening on 0.0.0.0:5601","time":"2016-10-14T08:01:34.002Z","v":0}
http://bbotte.com/logs-service/use-elk-processing-logs-basic-installation-and-config/
es插件
<a href="http://172.29.12.193:9200/_plugin/kopf/#!/cluster" target="_blank">http://xx:9200/_plugin/kopf/#!/cluster</a>
啟動
nohup /usr/bin/kibana &
logstash -f /etc/logstash/conf.d/logstash-indexer.conf or service logstash start
nohup /usr/share/elasticsearch/bin/elasticsearch &
本文轉自 liqius 51CTO部落格,原文連結:http://mo0on.blog.51cto.com/10522787/1729263,如需轉載請自行聯系原作者
![Java String.format方法的簡單使用[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)