ELK实时日志分析平台部署搭建详细实现过程

关闭并禁用防火墙

# Stops firewalld immediately and keeps it from starting at boot, so every
# listening port on this host becomes reachable from the network. Of the
# services configured on this page, the netstat output further down shows the
# Logstash Beats input listening on all interfaces (:::5044).
# NOTE(review): the components on this page talk to each other over localhost
# (see the hosts settings in first.conf and filebeat.yml), so the pipeline does
# not depend on the firewall being off. Outside a throwaway lab, keep firewalld
# running and open a port with firewall-cmd only for clients that are remote.
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld

禁用SELINUX

# setenforce 0 switches SELinux to permissive mode for the running system only.
[root@localhost ~]# setenforce 0
# Persists the change: on every line of /etc/selinux/config that contains
# "SELINUX", the first "enforcing" is replaced by "disabled" (takes effect at
# the next boot).
# NOTE(review): nothing later on this page shows an SELinux denial. If one
# occurs, SELINUX=permissive still records denials in the audit log so that a
# targeted policy fix is possible; "disabled" switches that logging off too.
[root@localhost ~]# sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config

Java 环境

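# Unpack the JDK tarball (its download is not shown on this page) and move it
# under /usr/local.
# NOTE(review): compare the archive with the vendor's published checksum before
# unpacking, and prefer a currently patched JDK 8 update over 8u181.
[root@localhost src]# tar zxvf jdk-8u181-linux-x64.tar.gz
[root@localhost src]# mv jdk1.8.0_181/ /usr/local/
[root@localhost src]# vi /etc/profile   //append the following at the end of the file
    export JAVA_HOME=/usr/local/jdk1.8.0_181
    export JRE_HOME=${JAVA_HOME}/jre
    # dt.jar and tools.jar are two separate classpath entries under
    # ${JAVA_HOME}/lib; the original line had them fused into one broken path.
    export CLASSPATH=.:${JAVA_HOME}/lib/dt.jar:${JAVA_HOME}/lib/tools.jar:${JRE_HOME}/lib
    export PATH=${JAVA_HOME}/bin:${PATH}
# Reload the profile in the current shell and confirm which JVM is on PATH.
[root@localhost src]# source /etc/profile
[root@localhost src]# java -version
    java version "1.8.0_181"
    Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
    Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)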

Elasticsearch 的安装与运行

# Download and unpack Elasticsearch 6.2.2.
# NOTE(review): the tarball is extracted without an integrity check; compare it
# first with the checksum Elastic publishes for this artifact, e.g. the output
# of `sha512sum elasticsearch-6.2.2.tar.gz`.
[root@localhost src]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.2.tar.gz
[root@localhost src]# tar -xzf elasticsearch-6.2.2.tar.gz
# Dedicated unprivileged account that owns the install tree; the commands after
# `su` run as elasticsearch rather than root.
[root@localhost src]# groupadd elasticsearch
[root@localhost src]# useradd elasticsearch -g elasticsearch
[root@localhost src]# chown -R elasticsearch:elasticsearch elasticsearch-6.2.2
[root@localhost src]# su elasticsearch
[elasticsearch@localhost src]$ cd elasticsearch-6.2.2
# Starts the node in the foreground; the curl below is issued from a second
# terminal (note the root prompt).
[elasticsearch@localhost elasticsearch-6.2.2]$ bin/elasticsearch
# The node answers on 127.0.0.1:9200 without any credentials.
# NOTE(review): no network.host change is shown on this page, so the node should
# still be on its loopback-only default. Keep it there, or put authentication
# and TLS in front of it, because the host firewall was turned off earlier.
[root@localhost ~]# curl http://127.0.0.1:9200/
    {
      "name" : "6FN8LUp",
      "cluster_name" : "elasticsearch",
      "cluster_uuid" : "ez7zsys-TZKZfS3-d1cOmA",
      "version" : {
        "number" : "6.2.2",
        "build_hash" : "10b1edd",
        "build_date" : "2018-02-16T19:01:30.685723Z",
        "build_snapshot" : false,
        "lucene_version" : "7.2.1",
        "minimum_wire_compatibility_version" : "5.6.0",
        "minimum_index_compatibility_version" : "5.0.0"
      },
      "tagline" : "You Know, for Search"
    }

Filebeat 与 Logstash 的安装

# Download and unpack Logstash 6.3.2.
# NOTE(review): Elasticsearch above is 6.2.2 while Logstash is 6.3.2; running
# the same version across the stack avoids compatibility surprises. As with the
# other tarballs, check the published checksum before extracting.
[root@localhost src]# wget https://artifacts.elastic.co/downloads/logstash/logstash-6.3.2.tar.gz
[root@localhost src]# tar zxvf logstash-6.3.2.tar.gz
[root@localhost src]# cd logstash-6.3.2
[root@localhost logstash-6.3.2]# vim first.conf
    # Input: receive events from Beats on port 5044.
    # NOTE(review): no `host` is set, so the listener binds every interface (the
    # netstat output below shows :::5044), and no TLS or client authentication
    # is configured. Filebeat on this page connects via localhost:5044, so
    # adding `host => "127.0.0.1"` inside beats { } would keep the port off the
    # network.
    input {
        beats {
                port => "5044"
    
        }
    
    }
    # Filtering: parse each line as a combined-format access-log entry, then
    # look up the geographic location of the extracted client address.
    filter {
        grok {
                match => { "message" => "%{COMBINEDAPACHELOG}" }
    
        }
        geoip {
                source => "clientip"
    
        }
    
    }
    # Output: index the events into the Elasticsearch node on this host.
    output {
        elasticsearch {
                hosts => [ "localhost:9200"  ]
    
        }
    
    }
# Start Logstash with the pipeline above; --config.reload.automatic re-reads
# first.conf when it changes.
# NOTE(review): the prompt shows Logstash started as root; an unprivileged
# account, as created for Elasticsearch above, limits what a bug in a pipeline
# plugin can touch.
[root@localhost logstash-6.3.2]# bin/logstash -f first.conf --config.reload.automatic
# From another terminal: confirm that the Beats listener is up.
[root@localhost ~]# netstat -ntlp | grep 5044
    tcp6       0      0 :::5044                 :::*                    LISTEN      12157/java
    
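# Unpack Filebeat 6.3.2 (the download step is not shown on this page).
# NOTE(review): check the tarball against Elastic's published checksum before
# extracting it.
[root@localhost src]# tar -zxvf filebeat-6.3.2-linux-x86_64.tar.gz
[root@localhost src]# cd filebeat-6.3.2-linux-x86_64
[root@localhost filebeat-6.3.2-linux-x86_64]# vim filebeat.yml
    # Excerpt of the edited file. The keys of the input entry are aligned under
    # "type" so that the entry is one valid YAML mapping.
    - type: log
      # Change to true to enable this prospector configuration.
      enabled: True

      # Paths that should be crawled and fetched. Glob based paths.
      # Read the Nginx logs.
      # NOTE(review): *.log also picks up error.log, whose lines presumably do
      # not match the %{COMBINEDAPACHELOG} pattern used in first.conf; narrow
      # the glob to the access log if only access entries are wanted.
      paths:
        - /usr/local/nginx/logs/*.log

    #----------------------------- Logstash output --------------------------------
    # Ship events to the Logstash instance on this host.
    # NOTE(review): Filebeat accepts only one enabled output, so make sure the
    # output.elasticsearch section of the stock file is commented out. The link
    # to Logstash is plaintext, which is tolerable only while it stays on
    # localhost; if Logstash moves to another host, configure TLS on both ends.
    output.logstash:
      # The Logstash hosts
      hosts: ["localhost:5044"]
# Run in the foreground, logging to stderr (-e), with the "publish" debug
# selector enabled.
[root@localhost filebeat-6.3.2-linux-x86_64]# ./filebeat -e -c filebeat.yml -d "publish"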

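# Unpack Kibana 6.3.2 (the download step is not shown on this page; check the
# tarball against Elastic's published checksum before extracting it).
[root@localhost src]# tar zxvf kibana-6.3.2-linux-x86_64.tar.gz
# Enter the unpacked directory; the original transcript omitted this step, but
# the next prompt already shows it as the working directory.
[root@localhost src]# cd kibana-6.3.2-linux-x86_64
# NOTE(review): Kibana here is 6.3.2 while the Elasticsearch installed above is
# 6.2.2. Kibana generally refuses to work against an Elasticsearch with an
# older minor version, so align the two before starting.
# NOTE(review): no kibana.yml change is shown, so Kibana should be on its
# defaults (listening on localhost, Elasticsearch at localhost:9200) with no
# login of its own. If it has to be reachable remotely, put it behind an
# authenticating reverse proxy rather than binding it to all interfaces, and
# run it under an unprivileged account instead of root.
[root@localhost kibana-6.3.2-linux-x86_64]# bin/kibana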

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/54106.html
