标签:linu over linux log file logstash 修改 path oca
---恢复内容开始---
这里我用以elasticsearch-5.3.2、kibana-5.3.0、logstash-5.3.0的版本为例:
1.创建elastic用户,这里elasticsearch、kibana、logstash都是在elastic用户下安装的
1)安装elasticsearch
tar -zxf elasticsearch-5.3.2.tar.gz -C /usr/local
cd /usr/local; mv elasticsearch-5.3.2 elasticsearch; vim elasticsearch/config/elasticsearch.yml;
具体修改如下:
cluster.name: my-application
node.name: node-1
path.data: /usr/local/elastic/esdata
path.logs: /usr/local/elastic/eslog
bootstrap.system_call_filter: false
network.host: 192.168.1.20
http.port: 9200
discovery.zen.ping.unicast.hosts: ["192.168.1.11"]
discovery.zen.minimum_master_nodes: 1
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: “Authorization”
action.auto_create_index: true
2)安装kibana
tar -zxf kibana-5.3.0-linux-x86_64.tar.gz -C /usr/local
cd /usr/local/; mv kibana-5.3.0-linux-x86_64.tar.gz kibana;vim kibana/config/kibana.yml
具体修改如下:
server.port: 5601
server.host: "192.168.1.20"
elasticsearch.url: "http://192.168.1.20:9200"
kibana.index: "kibana"
3)安装logstash
tar -zxf logstash-5.3.0.tar.gz -C /usr/local
cd /usr/local;mv logstash-5.3.0.tar.gz logstash;编辑logstash.conf配置文件
input {
file {
type => "logstash-log"
path => "/usr/local/logstash/logs/logstash-plain.log"
}
}
output {
elasticsearch {
hosts => ["http://192.168.1.20:9200"]
index => "logstash20_%{+YYYY-MM-dd}"
}
}
然后依次启动elasticsearch、kibana、logstash
/usr/local/elasticsearch/bin/elasticserch -d
/usr/local/kibana/bin/kibana &
/usr/local/logstash/bin/lostash -f /usr/local/logstash/conf/logstash.conf &
标签:linu over linux log file logstash 修改 path oca
原文地址:http://www.cnblogs.com/rutor/p/6962105.html
