2 ubuntu 16.04 安装Elastic Stack

一: 安装JAVA8

         添加ppa

   sudo add-apt-repository ppa:webupd8team/java
   sudo apt-get update
安装oracle-java-installer
 sudo apt-get install oracle-java8-installer
设置系统默认jdk
sudo update-java-alternatives -s java-8-oracle
java安装测试
java -version
javac -version

二 安装elasticsearch

https://www.elastic.co/guide/en/beats/libbeat/6.2/elasticsearch-installation.html

(如果没安装CURL, 运行:  sudo apt install curl )

sudo apt-get install openjdk-8-jre
curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.deb
sudo dpkg -i elasticsearch-6.2.4.deb
sudo /etc/init.d/elasticsearch start   // 启动elasticsearch

localhost:9200

elasticsearch的配置文件路径: /etc/elasticsearch/elasticsearch.yml

(注意: vi出问题了的处理方法:

                 sudo apt-get remove vim-common

             sudo apt-get install vim

三 安装logstash:
  (https://www.elastic.co/guide/en/beats/libbeat/6.2/logstash-installation.html)

   sudo apt-get install openjdk-8-jre
  curl -L -O https://artifacts.elastic.co/downloads/logstash/logstash-6.2.4.deb
  sudo dpkg -i logstash-6.2.4.deb

       不要启动,要做一些配置:

在这个目录下: /usr/share/logstash;
./bin/logstash -f logstash.conf( 有在这个目录下创建logstash.conf)

input {
  beats  {
   port => 5044
   }
}

# The filter part of this file is commented out to indicate that it is
# optional.
# filter {
#
# }

output {
  elasticsearch {
    hosts => "localhost:9200"
    manage_template => false
    index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}" 
    document_type => "%{[@metadata][type]}" 
  }
}

./bin/logstash-plugin update logstash-input-beats
(/usr/share/logstash/bin/logstash-plugin)

四 Install Kibana:
  (https://www.elastic.co/guide/en/beats/libbeat/6.2/kibana-installation.html)
  curl -L -O https://artifacts.elastic.co/downloads/kibana/kibana-6.2.4-linux-x86_64.tar.gz
  tar xzvf kibana-6.2.4-linux-x86_64.tar.gz
  cd kibana-6.2.4-linux-x86_64/
  ./bin/kibana

  配置/root/kibana-6.2.4-linux-x86_64/config/kibana.yml, 指定es的地址: 

 elasticsearch.url: "http://localhost:9200"

五 Install filebeat:
  curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.2.4-amd64.deb
  sudo dpkg -i filebeat-6.2.4-amd64.deb

     配置文件地址:/etc/filebeat/filebeat.yml, 其中的内容做如下修改,

        指定监听的log的路径:

filebeat.prospectors:
- type: log
  enabled: true
  paths:
    - /var/log/*.log

  指定filebeate的输出为logstash:

 #----------------------------- Logstash output -------------------------------- #----------------------------- Logs 
  output.logstash:
  hosts: ["127.0.0.1:5044"]
  sudo service filebeat start
  访问kibana:  localhost:5601
【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/liufei1983/p/9127080.html