ELK 学习记录 - 环境搭建
一、单机部署
es、Kibana、Logstash
二、集群部署
es集群部署
Kibana部署
Logstash部署
三、基于容器安装
容器中logstash的相关配置位于 /etc/logstash/conf.d 文件夹中
02-beats-input.conf
input { beats { port => 5044 ssl => true ssl_certificate => "/etc/pki/tls/certs/logstash-beats.crt" ssl_key => "/etc/pki/tls/private/logstash-beats.key" } }
30-output.conf
output { elasticsearch { hosts => ["localhost"] manage_template => false index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}" } }
插件安装
elasticsearch-head是一个界面化的集群操作和管理工具
参考资料:
ELK集群搭建(ElasticSearch、Logstash 和 Kibana)
ELK7.8.0架构部署(收集Tomcat和nginx日志)
基于docker部署使用ELK+FileBeat日志管理平台
ElasticSearch基础介绍:4:可视化工具之elasticsearch-head
springboot+logstash将指定日志推送到elasticsearch
springboot整合LogstashTcpSocketAppender日志保存到ELK
问题汇总:
Centos 7 Docker容器运行RabbitMQ出现WARNING: IPv4 forwarding is disabled. Networking will not work.
[1]: the default discovery settings are unsuitable for production use; at least one of [discovery.se
shell出现syntax error near unexpected token `<' 解决方法
kinaba 安装踩坑: FATAL Error: [elasticsearch.url]: definition for this key is missing