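Introduction to ELKStack
The most common requirements for logs are collection, storage, querying, and display, and the open-source community has a matching project for each: logstash (collection), elasticsearch (storage and search), and kibana (display). The combination of these three is called ELKStack, so ELKStack refers to the Elasticsearch, Logstash, and Kibana technology stack used together. A typical architecture is shown in the figure below:
System environment: CentOS 7.4, JDK 1.8
Installing Elasticsearch 6.0:
1. Install the JDK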
[root@es-jypay-1 elasticsearch]# yum install -y java
[root@es-jypay-1 elasticsearch]# java -version
openjdk version "1.8.0_65"
OpenJDK Runtime Environment (build 1.8.0_65-b17)
OpenJDK 64-Bit Server VM (build 25.65-b01, mixed mode)
2. Install Elasticsearch 6.0
[root@es-jypay-1 elasticsearch]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.0.0.rpm
[root@es-jypay-1 elasticsearch]# rpm -ivh elasticsearch-6.0.0.rpm
3. Edit the configuration file
[root@es-jypay-1 elasticsearch]# vim /etc/elasticsearch/elasticsearch.yml
cluster.name: jypay-es
node.name: es-jypay-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: 192.168.6.222
http.port: 9200
4. Start and test
Start:
[root@es-jypay-1 elasticsearch]# systemctl start elasticsearch.service
Test; output like the following means the service started correctly:
[root@es-jypay-1 elasticsearch]# curl http://192.168.6.222:9200
{
"name" : "es-jypay-1",
"cluster_name" : "jypay-es",
"cluster_uuid" : "o3dWGAeIRKuK4pdwVZW1_Q",
"version" : {
"number" : "6.0.0",
"build_hash" : "8f0685b",
"build_date" : "2017-11-10T18:41:22.859Z",
"build_snapshot" : false,
"lucene_version" : "7.0.1",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
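
The configuration in step 3 binds Elasticsearch to a routable address, and a stock 6.0 package does not authenticate HTTP requests, so port 9200 answers any host that can reach 192.168.6.222. The script below is an added example, not part of the original tutorial: it audits an elasticsearch.yml for that exposure and for the memory-lock setting that bootstrap checks enforce on non-loopback binds. The function names and the embedded sample file are constructed for illustration, and the "unauthenticated" wording assumes no X-Pack security is installed.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit the flat "key: value"
# settings of an elasticsearch.yml for network exposure.
# Assumption: stock 6.0 package without X-Pack security (HTTP unauthenticated).

# Print the value of one top-level setting; comment lines are skipped.
es_setting() {  # usage: es_setting <file> <key>
  awk -v k="$2" '
    /^[ \t]*#/ { next }
    {
      i = index($0, ":"); if (i == 0) next
      key = substr($0, 1, i - 1); val = substr($0, i + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", key)
      gsub(/^[ \t"]+|[ \t"]+$/, "", val)
      if (key == k) { print val; exit }
    }' "$1"
}

# Classify the bind address; an unset value defaults to _local_ (loopback).
classify_host() {  # usage: classify_host <network.host value>
  case "$1" in
    ""|localhost|_local_|127.*|::1) echo loopback ;;
    0.0.0.0|::)                     echo wildcard ;;
    *)                              echo routable ;;
  esac
}

# Print one finding per line for the given config file.
audit_es_config() {  # usage: audit_es_config <file>
  local host port lock scope
  host=$(es_setting "$1" network.host)
  port=$(es_setting "$1" http.port); port=${port:-9200}
  lock=$(es_setting "$1" bootstrap.memory_lock)
  scope=$(classify_host "$host")
  case "$scope" in
    loopback) echo "OK network.host=${host:-_local_}: port $port is reachable from this host only" ;;
    wildcard) echo "WARN network.host=$host: unauthenticated port $port listens on every interface" ;;
    routable) echo "WARN network.host=$host: unauthenticated port $port is reachable from the network; restrict it with a host firewall" ;;
  esac
  if [ "$scope" != loopback ] && [ "$lock" = true ]; then
    echo "NOTE bootstrap.memory_lock=true on a non-loopback bind: bootstrap checks are enforced, so the systemd unit needs LimitMEMLOCK=infinity or startup fails"
  fi
}

# Constructed sample input: the settings from step 3 of this page.
sample=$(mktemp)
printf '%s\n' 'cluster.name: jypay-es' 'node.name: es-jypay-1' \
  'bootstrap.memory_lock: true' 'network.host: 192.168.6.222' \
  'http.port: 9200' > "$sample"
audit_es_config "$sample"
```

Run it against /etc/elasticsearch/elasticsearch.yml with audit_es_config after editing the file and before starting the service.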