ELK real-time log analysis platform: detailed deployment and setup walkthrough
Time: 2023-06-13 09:15:45
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Disable SELinux
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config

Java environment
[root@localhost src]# tar zxvf jdk-8u181-linux-x64.tar.gz
[root@localhost src]# mv jdk1.8.0_181/ /usr/local/
[root@localhost src]# vi /etc/profile
Add the following at the bottom of /etc/profile:
export JAVA_HOME=/usr/local/jdk1.8.0_181
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib/dt.jar:${JAVA_HOME}/lib/tools.jar:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:${PATH}
[root@localhost src]# source /etc/profile
[root@localhost src]# java -version
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)

Installing and running ElasticSearch
[root@localhost src]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.2.tar.gz
[root@localhost src]# tar -xzf elasticsearch-6.2.2.tar.gz
Elasticsearch refuses to start as root, so create a dedicated user and group and run it under that account:
[root@localhost src]# groupadd elasticsearch
[root@localhost src]# useradd elasticsearch -g elasticsearch
[root@localhost src]# chown -R elasticsearch:elasticsearch elasticsearch-6.2.2
[root@localhost src]# su elasticsearch
[elasticsearch@localhost src]$ cd elasticsearch-6.2.2
[elasticsearch@localhost elasticsearch-6.2.2]$ bin/elasticsearch
From a second terminal, check that the node answers on port 9200:
[root@localhost ~]# curl http://127.0.0.1:9200/
{
  "name" : "6FN8LUp",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "ez7zsys-TZKZfS3-d1cOmA",
  "version" : {
    "number" : "6.2.2",
    "build_hash" : "10b1edd",
    "build_date" : "2018-02-16T19:01:30.685723Z",
    "build_snapshot" : false,
    "lucene_version" : "7.2.1",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

Installing FileBeats and LogStash
[root@localhost src]# wget https://artifacts.elastic.co/downloads/logstash/logstash-6.3.2.tar.gz
[root@localhost src]# tar zxvf logstash-6.3.2.tar.gz
[root@localhost src]# cd logstash-6.3.2
[root@localhost logstash-6.3.2]# vim first.conf
Contents of first.conf:
# Configure the input as beats
input {
    beats {
        port => 5044
    }
}
# Filter the data
filter {
    grok {
        match => { "message" => "%{COMBINEDAPACHELOG}" }
    }
    geoip {
        source => "clientip"
    }
}
# Output to ES on this host
output {
    elasticsearch {
        hosts => [ "localhost:9200" ]
    }
}
[root@localhost logstash-6.3.2]# bin/logstash -f first.conf --config.reload.automatic
Confirm that Logstash is listening on port 5044 (the :::5044 entry means it is bound to all interfaces):
[root@localhost ~]# netstat -ntlp | grep 5044
tcp6       0      0 :::5044                 :::*                    LISTEN      12157/java

[root@localhost src]# tar -zxvf filebeat-6.3.2-linux-x86_64.tar.gz
[root@localhost src]# cd filebeat-6.3.2-linux-x86_64
[root@localhost filebeat-6.3.2-linux-x86_64]# vim filebeat.yml
Settings to change in filebeat.yml:
- type: log
  # Change to true to enable this prospector configuration.
  enabled: True
  # Paths that should be crawled and fetched. Glob based paths.
  # Read the Nginx logs
  paths:
    - /usr/local/nginx/logs/*.log
#----------------------------- Logstash output --------------------------------
# Output to LogStash on this host
output.logstash:
  # The Logstash hosts
  hosts: ["localhost:5044"]
[root@localhost filebeat-6.3.2-linux-x86_64]# ./filebeat -e -c filebeat.yml -d publish

[root@localhost src]# tar zxvf kibana-6.3.2-linux-x86_64.tar.gz
[root@localhost src]# cd kibana-6.3.2-linux-x86_64
[root@localhost kibana-6.3.2-linux-x86_64]# bin/kibana
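The pipeline above sends every file matching /usr/local/nginx/logs/*.log through grok with COMBINEDAPACHELOG and then runs geoip on clientip. The following added example (not part of the original article; the regex is a simplified stand-in for Logstash's pattern, and the helper names and log lines are constructed for illustration) shows which fields an access-log line yields and how an error.log line picked up by the same glob is tagged _grokparsefailure and carries no clientip.

```python
import re

# Simplified stand-in for Logstash's COMBINEDAPACHELOG grok pattern (an
# approximation written for this example, not the pattern Logstash ships).
COMBINED = re.compile(
    r'^(?P<clientip>\S+) (?P<ident>\S+) (?P<auth>\S+) '
    r'\[(?P<timestamp>[^\]]+)\] '
    r'"(?P<verb>[A-Z]+) (?P<request>\S+)(?: HTTP/(?P<httpversion>[\d.]+))?" '
    r'(?P<response>\d{3}) (?:(?P<bytes>\d+)|-) '
    r'"(?P<referrer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def grok_event(line):
    """Approximate the event the grok stage emits for one log line."""
    event = {"message": line}
    m = COMBINED.match(line)
    if m is None:
        # grok keeps the event and, by default, tags it as a parse failure
        event["tags"] = ["_grokparsefailure"]
        return event
    # Unmatched optional groups (e.g. bytes logged as "-") produce no field
    event.update({k: v for k, v in m.groupdict().items() if v is not None})
    return event

def summarize(lines):
    """Count parsed and failed lines; list the clientip values passed on to geoip."""
    events = [grok_event(line) for line in lines]
    failed = sum(1 for e in events if "_grokparsefailure" in e.get("tags", []))
    ips = sorted({e["clientip"] for e in events if "clientip" in e})
    return {"parsed": len(events) - failed, "failed": failed, "clientips": ips}

# Constructed sample lines (documentation IP ranges), as the *.log glob delivers them
SAMPLE = [
    # access.log in nginx's default "combined" format
    '203.0.113.7 - - [13/Jun/2023:09:15:45 +0800] "GET /index.html HTTP/1.1" '
    '200 612 "-" "curl/7.29.0"',
    '198.51.100.23 - alice [13/Jun/2023:09:16:02 +0800] "POST /login HTTP/1.1" '
    '302 - "http://example.com/" "Mozilla/5.0"',
    # error.log, which the same glob also matches
    '2023/06/13 09:16:10 [error] 1234#0: *5 open() "/usr/local/nginx/html/favicon.ico" '
    'failed (2: No such file or directory), client: 203.0.113.7, server: localhost',
]

if __name__ == "__main__":
    for ev in map(grok_event, SAMPLE):
        print(ev.get("tags", ["parsed"]), ev.get("clientip"), ev.get("response"))
    print(summarize(SAMPLE))
```

To keep error.log entries out of the access-log index, narrow the Filebeat path to the access log or branch on the failure tag in the Logstash filter section.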
Original article by ItWorker. If you repost it, please credit the source: https://blog.ytso.com/54106.html