004.ELK-6.6.0安装部署

2020-04-16  本文已影响0人  CoderJed

1. kibana安装

RPM

rpm -ivh logstash-6.6.0.rpm

# 配置文件/etc/kibana/kibana.yml,其余的保持默认即可
server.port: 5601
server.host: "10.0.0.100" # 本机IP
server.name: "node01" # 主机名
elasticsearch.hosts: ["http://10.0.0.100:9200","http://10.0.0.101:9200","http://10.0.0.102:9200"] # ES集群地址

启停命令:

systemctl start kibana
systemctl stop kibana

tar.gz

2. logstash安装

RPM

root@node01 opt]# rpm -ivh logstash-6.6.0.rpm 

# 配置文件/etc/logstash/startup.options
# 然后就可以直接使用了

tar.gz

解压即用:

# 测试,收集标准输入的信息,输出到标准输出
# 执行命令后等待一会,看到Successfully started Logstash再输入测试信息
[root@node01 logstash-6.6.0]# bin/logstash -e 'input { stdin { } } output { stdout {} }'
Sending Logstash logs to /opt/logstash-6.6.0/logs which is now configured via log4j2.properties
[2020-04-15T18:06:42,893][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2020-04-15T18:06:42,926][INFO ][logstash.runner          ] Starting Logstash {"logstash.version"=>"6.6.0"}
[2020-04-15T18:06:51,789][INFO ][logstash.pipeline        ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50}
[2020-04-15T18:06:51,977][INFO ][logstash.pipeline        ] Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x4d3e60a0 run>"}
The stdin plugin is now waiting for input:
[2020-04-15T18:06:52,052][INFO ][logstash.agent           ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2020-04-15T18:06:52,510][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>9600}

# 输入测试数据
hello

# Logstash输出的结果
{
    "host" => "node01",
    "message" => "hello",
    "@version" => "1",
    "@timestamp" => 2020-04-15T10:07:12.007Z
}

3. filebeat安装

RPM

rpm -ivh filebeat-6.6.0-x86_64.rpm

# 配置文件目录
/etc/filebeat

# 启停命令
systemctl start filebeat
systemctl stop filebeat
上一篇下一篇

猜你喜欢

热点阅读