ELK Installation and Configuration

Official website: www.elastic.co

Environment:
CentOS 7.1 x64
elasticsearch-2.3.2
logstash-2.3.2 (or logstash-all-plugins-2.3.1)
kibana-4.5.0

elasticsearch 192.168.8.101
logstash 192.168.8.102
kibana 192.168.8.254

Note: Elasticsearch and Logstash require JDK 7 or later; install it beforehand.

Elasticsearch
tar -xvf elasticsearch-2.3.2.tar.gz -C /opt
useradd elasticsearch
chown -R elasticsearch: /opt/elasticsearch-2.3.2
su - elasticsearch -c "/opt/elasticsearch-2.3.2/bin/elasticsearch -d -p /tmp/elasticsearch.pid"
Test

[root@elastic ~]# curl -X GET http://localhost:9200/
{
  "name" : "Lianda",
  "cluster_name" : "elasticsearch",
  "version" : {
    "number" : "2.3.2",
    "build_hash" : "b9e4a6acad4008027e4038f6abed7f7dba346f94",
    "build_timestamp" : "2016-04-21T16:03:47Z",
    "build_snapshot" : false,
    "lucene_version" : "5.5.0"
  },
  "tagline" : "You Know, for Search"
}

Change the listen address:

# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 192.168.8.101
#
# Set a custom port for HTTP:
#
http.port: 9200



Logstash

tar -xvf logstash-2.3.2.tar.gz -C /opt/

Test

[root@logstash ~]# /opt/logstash-2.3.2/bin/logstash -e 'input { stdin { } } output { stdout {} }'
Settings: Default pipeline workers: 2
Pipeline main started
hello world
2016-05-01T10:23:35.726Z 0.0.0.0 hello world
Pipeline main has been shutdown
stopping pipeline {:id=>"main"}


https://www.elastic.co/guide/en/logstash/current/reloading-config.html

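Versions 2.3 and later support automatic reloading of the configuration file: add the --auto-reload (-r) option when starting Logstash. It cannot be combined with -e.

The JVM is not restarted during a reload. For a Logstash instance that is already running and was started without -r, the configuration can be reloaded by sending it signal 1 (SIGHUP) with kill, for example: kill -1 1234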

/opt/logstash-2.3.2/bin/logstash -f /opt/logstash-2.3.2/config/logstash_rsyslog.conf -r



Kibana
tar -xvf kibana-4.5.0-linux-x64.tar.gz -C /opt

vim /opt/kibana-4.5.0-linux-x64/config/kibana.yml

elasticsearch.url: "http://192.168.8.101:9200"

Tip: for a minimal configuration, Kibana only needs to point at the correct Elasticsearch host.
-h  # show the help list
-l  # specify the log path

root@jlive:~# /opt/kibana-4.5.0-linux-x64/bin/kibana
  log   [19:18:15.894] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready
  log   [19:18:15.924] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch
  log   [19:18:15.940] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready
  log   [19:18:15.948] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready
  log   [19:18:15.954] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready
  log   [19:18:15.965] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready
  log   [19:18:15.969] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready
  log   [19:18:15.972] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready
  log   [19:18:15.977] [info][status][plugin:elasticsearch] Status changed from yellow to green - Kibana index ready
  log   [19:18:15.982] [info][listening] Server running at http://0.0.0.0:5601
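
The setup above moves Elasticsearch off loopback (network.host: 192.168.8.101) and leaves Kibana listening on 0.0.0.0:5601. As an added example, not part of the original article, this shell check reads the listen address from both config files and reports whether each service is bound to loopback, one specific address, or all interfaces. The function names and the elasticsearch.yml path (stock tarball layout) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original article.
# Report which interfaces a "host" setting in elasticsearch.yml / kibana.yml exposes.

# yaml_value FILE KEY: print the value of the last uncommented "KEY: value" line.
yaml_value() {
    key=$(printf '%s' "$2" | sed 's/\./\\./g')      # escape dots for the regex
    sed -n "s/^[[:space:]]*${key}[[:space:]]*:[[:space:]]*//p" "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^["'\'']//' -e 's/["'\'']$//' |
        tail -n 1
}

# classify_bind VALUE: prints loopback, wildcard, specific or unset.
classify_bind() {
    case "$1" in
        "")                           echo unset ;;
        localhost|127.*|::1|_local_)  echo loopback ;;
        0.0.0.0|::)                   echo wildcard ;;
        *)                            echo specific ;;
    esac
}

# audit_bind FILE KEY DEFAULT: DEFAULT is the class that applies when KEY is unset.
audit_bind() {
    value=$(yaml_value "$1" "$2")
    class=$(classify_bind "$value")
    if [ "$class" = unset ]; then class=$3; fi
    printf '%s=%s %s\n' "$2" "${value:-<unset>}" "$class"
}

# Files from this guide; the elasticsearch.yml path assumes the stock tarball layout.
# Defaults when unset: Elasticsearch 2.x binds to loopback, Kibana 4.5 to 0.0.0.0
# (as the "Server running at http://0.0.0.0:5601" log line above shows).
for spec in \
    "/opt/elasticsearch-2.3.2/config/elasticsearch.yml network.host loopback" \
    "/opt/kibana-4.5.0-linux-x64/config/kibana.yml server.host wildcard"
do
    set -- $spec
    if [ -r "$1" ]; then audit_bind "$1" "$2" "$3"; fi
done
```

A `specific` or `wildcard` result means the port is reachable from the network. In this layout only 192.168.8.102 (Logstash) and 192.168.8.254 (Kibana) need to reach 192.168.8.101:9200, so a host firewall rule can limit the port to those two sources.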



Original article: https://www.cnblogs.com/lixuebin/p/10814103.html