Setting Up ELK Log Collection with Docker


  1. docker network create elknet

  2. docker run -d --name elasticsearch --network elknet --network-alias elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.9.1

  3. docker run -d --name kibana --network elknet --network-alias kibana -p 5601:5601 kibana:7.9.1

  4. docker run -d --name logstash --network elknet --network-alias logstash -p 5044:5044 logstash:7.9.1

  5. Configure log4j2 to send logs over TCP to Logstash

  6. vi /usr/share/logstash/pipeline/logstash.conf

  7. input {
      tcp {
        port => 5044
        mode => "server"
      }
    }
    
    output {
      elasticsearch {
        hosts => ["elasticsearch:9200"]
        index => "apidemo"
      }
    
      stdout{
        codec => rubydebug
      }
    }
    
  8. vim log4j2.xml

  9. <appenders>
      <!-- added: Socket appender; set host to the machine where Logstash's port 5044 is reachable -->
      <Socket name="LogstashTcp" host="你的localhost" port="5044" protocol="TCP">
        <PatternLayout>
          <Pattern>%d{HH:mm:ss.SSS} %-5level method:%l%n%m%n</Pattern>
        </PatternLayout>
      </Socket>
    </appenders>
    
    <loggers>
      <root level="trace">
        <!-- added: reference to the LogstashTcp appender defined above -->
        <appender-ref ref="LogstashTcp"/>
      </root>
    </loggers>
    
    
  10. In Kibana, add the apidemo index; then run a query and refresh, and the data is displayed.
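
The tcp input in the pipeline above sets no codec, so, assuming Logstash's default line-oriented handling, the header line and the message line produced by the `%d{HH:mm:ss.SSS} %-5level method:%l%n%m%n` pattern arrive as separate events. The following is an added example, not code from the original post; the function names and the sample stream are constructed for illustration. It models that split and regroups the lines into one record per log call.

```python
import re

# Header line emitted by "%d{HH:mm:ss.SSS} %-5level method:%l" (pattern from log4j2.xml above).
HEADER = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{3}) "
    r"(?P<level>TRACE|DEBUG|INFO|WARN|ERROR|FATAL) *method:(?P<location>.*)$"
)

# Constructed sample of what the Socket appender would write for two log calls.
SAMPLE = (
    b"10:15:02.123 INFO  method:com.example.Demo.login(Demo.java:21)\n"
    b"user alice logged in\n"
    b"10:15:02.480 ERROR method:com.example.Demo.pay(Demo.java:47)\n"
    b"payment failed\n"
    b"java.lang.IllegalStateException: no card\n"
    b"\tat com.example.Demo.pay(Demo.java:45)\n"
)

def line_codec_events(stream: bytes) -> list[str]:
    """Model a line-oriented TCP input: one event per newline-terminated line."""
    text = stream.decode("utf-8", errors="replace")
    # The piece after the last "\n" is not yet a complete line, so it is not emitted.
    return [line.rstrip("\r") for line in text.split("\n")[:-1]]

def reassemble(lines: list[str]) -> list[dict]:
    """Group each header line with the message lines that follow it."""
    records, current = [], None
    for line in lines:
        match = HEADER.match(line)
        if match:
            if current is not None:
                records.append(current)
            current = {**match.groupdict(), "message": []}
        elif current is not None:
            current["message"].append(line)
        # Lines seen before any header have no owner and are skipped.
    if current is not None:
        records.append(current)
    for record in records:
        record["message"] = "\n".join(record["message"])
    return records

if __name__ == "__main__":
    events = line_codec_events(SAMPLE)
    print(f"{len(events)} line events -> {len(reassemble(events))} log records")
    for record in reassemble(events):
        print(record)
```
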


Original article: https://www.cnblogs.com/u1s1/p/14662798.html