Shulou(Shulou.com)06/03 Report--

Es was installed in the previous article

Http://blog.csdn.net/feifeichongtian/article/details/79088274

In this chapter, we will learn to install logstash and kibana.

1:logstash installation

1, download

[plain] view plain copy

Wget https://artifacts.elastic.co/downloads/logstash/logstash-6.1.0.tar.g

two。 Decompression

[plain] view plain copy

Tar-zxvf logstash-5.6.0.tar.g

3. Modify the configuration file

[plain] view plain copy

[master@node0 soft] $vi logstash-6.1.0/config/logstash.conf

[plain] view plain copy

Input {stdin {} file {path = > "/ home/master/soft/test.log" start_position = > "beginning"}}

Output {elasticsearch {hosts = > ["node0:9200"]}}

4. Start

[plain] view plain copy

[master@node0 logstash-6.1.0] $. / bin/logstash-f config/logstash.conf

[plain] view plain copy

Sending Logstash's logs to / home/master/soft/logstash-6.1.0/logs which is now configured via log4j2.properties

[2018-01-14T20:14:26639] [INFO] [logstash.modules.scaffold] Initializing module {: module_name= > "netflow",: directory= > "/ home/master/soft/logstash-6.1.0/modules/netflow/configuration"}

[2018-01-14T20:14:26689] [INFO] [logstash.modules.scaffold] Initializing module {: module_name= > "fb_apache",: directory= > "/ home/master/soft/logstash-6.1.0/modules/fb_apache/configuration"}

[2018-01-14T20:14:27836] [WARN] [logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified

[2018-01-14T20:14:29376] [INFO] [logstash.runner] Starting Logstash {"logstash.version" = > "6.1.0"}

[2018-01-14T20:14:30369] [INFO] [logstash.agent] Successfully started Logstash API endpoint {: port= > 9600}

[2018-01-14T20:14:36827] [INFO] [logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {: changes= > {: removed= > [],: added= > [http://node0:9200/]}}

[2018-01-14T20:14:36859] [INFO] [logstash.outputs.elasticsearch] Running healthcheck to see if an Elasticsearch connection is working {: healthcheck_url= > http://node0:9200/,: path= > "/"}

[2018-01-14T20:14:37434] [WARN] [logstash.outputs.elasticsearch] Restored connection to ES instance {: url= > "http://node0:9200/"}"

[2018-01-14T20:14:37606] [INFO] [logstash.outputs.elasticsearch] ES Output version determined {: es_version= > nil}

[2018-01-14T20:14:37614] [WARN] [logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the type event field won't be used to determine the document _ type {: es_version= > 6}

[2018-01-14T20:14:37664] [INFO] [logstash.outputs.elasticsearch] Using mapping template from {: path= > nil}

[2018-01-14T20:14:37714] [logstash.outputs.elasticsearch] Attempting to install template {: manage_template= > {"template" = > "logstash-", "version" = > 60001, "settings" = > {"index.refresh_interval" = > "5s"}, "mappings" = > {"default" = > {"dynamic_templates" = > [{"message_field" = > {"path_match" = > "message", "match_mapping_type" = > "string", "mapping" = > {"type" = > "text" "norms" = > false}}, {"string_fields" = > {"match" = > "", "match_mapping_type" = > "string", "mapping" = > {"type" = > "text", "norms" = > false, "fields" = > {"keyword" = > "keyword", "ignore_above" = > 256}], "properties" = > {"@ timestamp" = > {"type" = > "date"}, "@ version" = > {"type" = > "keyword"} "geoip" = > {"dynamic" = > true, "properties" = > {"ip" = > {"type" = > "ip"}, "location" = > {"type" = > "geo_point"}, "latitude" = > {"type" = > "half_float"}, "longitude" = > {"type" = > "half_float"}

[2018-01-14T20:14:37826] [INFO] [logstash.outputs.elasticsearch] Installing elasticsearch template to _ template/logstash

[2018-01-14T20:14:38264] [INFO] [logstash.outputs.elasticsearch] New Elasticsearch output {: class= > "LogStash::Outputs::ElasticSearch",: hosts= > ["/ / node0:9200"]}

[2018-01-14T20:14:38362] [INFO] [logstash.pipeline] Starting pipeline {: pipeline_id= > "main", "pipeline.workers" = > 1, "pipeline.batch.size" = > 125," pipeline.batch.delay "= > 5," pipeline.max_inflight "= > 125,: thread= >" # "}

[2018-01-14T20:14:39432] [INFO] [logstash.pipeline] Pipeline started {"pipeline.id" = > "main"}

The stdin plugin is now waiting for input:

[2018-01-14T20:14:39815] [INFO] [logstash.agent] Pipelines running {: count= > 1,: pipelines= > ["main"]}

Start successfully!

2:kibana installation

1. download

[plain] view plain copy

Wget wget https://download.elastic.co/kibana/kibana/kibana-6.1.1-linux-x86_64.tar.gz

Tar-xzvf kibana-6.1.1-linux-x86_64.tar.gz

two。 Configuration file

[plain] view plain copy

[master@node0 kibana-6.1.1-linux-x86_64] $vi config/kibana.yml

# elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or Elasticsearch. This valuemust be a positive integer.

# elasticsearch.requestTimeout: 30000

List of Kibana client-side headers to send to Elasticsearch. To send no client-sideheaders, set this value to [] (an empty list).

# elasticsearch.requestHeadersWhitelist: [authorization]

Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwrittenby client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.

# elasticsearch.customHeaders: {}

Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.

# elasticsearch.shardTimeout: 0

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.

# elasticsearch.startupTimeout: 5000

Specifies the path where Kibana creates the process ID file.

# pid.file: / var/run/kibana.pid

Enables you specify a file where Kibana stores log output.

# logging.dest: stdout

Set the value of this setting to true to suppress all logging output.

# logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

# logging.quiet: false

Set the value of this setting to true to log all events, including system usage informationand all requests.

# logging.verbose: false

Set the interval in milliseconds to sample system and process performancemetrics. Minimum is 100ms. Defaults to 5000.

# ops.interval: 5000

The default locale. This locale can be used in certain circumstances to substitute any missingtranslations.

# i18n.defaultLocale: "en"

Server.port: 5601

Server.host: "node0"

Elasticsearch.url: http://node0:9200

Kibana.index: ".kibana"

3. Start

[plain] view plain copy

[master@node0 kibana-6.1.1-linux-x86_64] $bin/kibana &

[master@node0 kibana-6.1.1-linux-x86_64] $log [11 info 54 status] [plugin:kibana@6.1.1] Status changed from uninitialized to green-Ready

Log [11VV 54VV 38.759] [info] [status] [plugin:elasticsearch@6.1.1] Status changed from uninitialized to yellow Waiting for Elasticsearch

Log [11VV 54VV 38.793] [info] [status] [plugin:console@6.1.1] Status changed from uninitialized to green-Ready

Log [11VV 54VV 38.824] [info] [status] [plugin:metrics@6.1.1] Status changed from uninitialized to green-Ready

Log [11VV 54VV 39.533] [info] [status] [plugin:timelion@6.1.1] Status changed from uninitialized to green-Ready

Log [11:54:39.542] [fatal] Port 5601 is already in use. Another instance of Kibana may be running!

FATAL Port 5601 is already in use. Another instance of Kibana may be running!

4. Look at the effect.

Picture

This is my es, because there is only one node, so there is undifind.

The picture is here.

The construction of elk is complete.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.