ELK日志系统:Elasticsearch+Logstash+Kibana搭建教程

Posted Mr黄瑞

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ELK日志系统:Elasticsearch+Logstash+Kibana搭建教程相关的知识,希望对你有一定的参考价值。

ELK日志系统:Elasticsearch + Logstash + Kibana 搭建教程

安装配置JDK环境

JDK安装(不能安装JRE)
JDK下载地址:http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
下载包:jdk-8u131-linux-x64.rpm
yum localinstall jdk-8u131-linux-x64.rpm

mvn 安装

cd /usr/local
wget http://www-eu.apache.org/dist/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz
tar xzf apache-maven-3.3.9-bin.tar.gz
mv apache-maven-3.3.9 maven
vi /etc/profile.d/maven.sh
export M2_HOME=/usr/local/maven
export PATH=${M2_HOME}/bin:${PATH}
source /etc/profile.d/maven.sh
mvn -version

安装ElasticSearch

yum install epel-release
yum install npm nodejs
# centos7 若安装nodejs失败,请执行如下命令再重试
rpm -ivh https://kojipkgs.fedoraproject.org//packages/http-parser/2.7.1/3.el7/x86_64/http-parser-2.7.1-3.el7.x86_64.rpm
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.3.rpm
yum localinstall elasticsearch-6.2.3.rpm
vim /etc/elasticsearch/elasticsearch.yml
#修改network.host: 0.0.0.0
systemctl start elasticsearch
systemctl enable elasticsearch
systemctl status elasticsearch
# elasticsearch工具目录
/usr/share/elasticsearch/bin/

安装logstash

wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.3.rpm
yum localinstall logstash-6.2.3.rpm
vim /etc/logstash/conf.d/logstash.conf
input {
    file {
        path => ["/var/opt/log/a.log","/var/opt/log/b.log"]
    }
}

output {
    elasticsearch { hosts => ["localhost:9200"] }
    stdout { codec => rubydebug }
}
systemctl start logstash
systemctl enable logstash
systemctl status logstash

安装kibana

wget https://artifacts.elastic.co/downloads/kibana/kibana-6.2.3-x86_64.rpm
yum localinstall kibana-6.2.3-x86_64.rpm
vim /etc/kibana/kibana.yml
# 修改elasticsearch.url参数
server.host: "0.0.0.0"
elasticsearch.url: "http://localhost:9200"
systemctl start kibana
systemctl enable kibana
systemctl status kibana

安装nginx

yum install nginx httpd-tools
htpasswd -c /etc/nginx/htpasswd.users XXX

vi /etc/nginx/conf.d/kibana.conf
server {
    listen 80;
    server_name 10.10.24.233;
    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.users;
    location / {
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade; 
    }
}

systemctl enable nginx
systemctl start nginx

验证

echo "hello world" >/var/opt/log/a.log
curl http://localhost:9200/_search?pretty 查看输出

以上是关于ELK日志系统:Elasticsearch+Logstash+Kibana搭建教程的主要内容,如果未能解决你的问题,请参考以下文章

Windows系统下Log4Net+FileBeat+ELK日志分析系统问题总结

ELK 日志分析系统

ELK 日志系统搭建配置

ELK日志系统设计方案-Log4j日志直推Kafka

ELK日志系统设计方案-Log4j日志直推Kafka

ELK日志系统设计方案-Log4j日志直推Kafka