ELK Setup

I. Set up the base environment
1. Disable the firewall
2. Change the hostname
3. Edit the hosts file
4. Install the JDK
vim /etc/profile
export JAVA_HOME=/usr/local/java/jdk1.8.0_181
export PATH=$JAVA_HOME/bin:$PATH

5. Kernel tuning
vi /etc/sysctl.conf
vm.max_map_count=655360 (then save the file)
sysctl -p
vi /etc/security/limits.conf

* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
vi /etc/security/limits.d/20-nproc.conf
* soft nproc 65536
root soft nproc unlimited
A reboot is required! The settings only take effect after a reboot.

II. Install Elasticsearch
1. Download the package
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.2.tar.gz
2. Extract and install
tar -xvf elasticsearch-6.3.2.tar.gz -C /usr/local/
3. Create a new user
useradd feiyu
passwd feiyu
chown -R feiyu:feiyu /usr/local/elasticsearch-6.3.2/
4. Edit the configuration file
Single node:
cd /usr/local/elasticsearch-6.3.2
vi config/elasticsearch.yml
network.host: <your server's IP>
http.port: 9200
5. Start the service
su feiyu
bin/elasticsearch -d
netstat -nltp | grep 9200
6. Test
curl http://192.168.0.209:9200

7. Install the plugin
yum -y install docker
docker pull mobz/elasticsearch-head:5
docker run -d -p 9100:9100 docker.io/mobz/elasticsearch-head:5
Or:
mkdir -p /root/ELK
cd /root/ELK
yum install git npm -y
git clone https://github.com/mobz/elasticsearch-head.git
cd elasticsearch-head
npm install
nohup npm run start &
8. Test

III. Install Logstash
1. Download the package
wget https://artifacts.elastic.co/downloads/logstash/logstash-6.3.2.tar.gz
2. Extract and install
tar -zxvf logstash-6.3.2.tar.gz -C /usr/local/
cd /usr/local/logstash-6.3.2
3. Edit the configuration file
/usr/local/logstash-6.3.2/config/logstash.yml

4. Write the log filter configuration file
vi config/erp-web.conf (path and file name are up to you)
input {
    file {
        path => "/var/log/messages"
        type => "system"
        start_position => "beginning"
    }
}
output {
    elasticsearch {
        hosts => ["192.168.1.202:9200"]
        index => "system-%{+YYYY.MM.dd}"
    }
}

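5. Start the service

Check that the configuration syntax is correct:

bin/logstash -f config/erp-web.conf -t

Start with a specific configuration file:

nohup bin/logstash -f config/erp-web.conf &

Start with multiple configuration files:

nohup bin/logstash -f config/ &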

IV. Install Kibana
1. Download the package
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.3.2-linux-x86_64.tar.gz
2. Install and configure
tar zxvf kibana-6.3.2-linux-x86_64.tar.gz -C /usr/local/
cd /usr/local/kibana-6.3.2-linux-x86_64/config
vim kibana.yml

3. Start the service
../bin/kibana &
netstat -nltp | grep 5601
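
Added example, not part of the original post: step I.1 disables the firewall, and the curl test in step II.6 reaches port 9200 without credentials. This script keeps firewalld running instead and generates rules that admit a single management subnet to the three ports opened on this page. The subnet 192.168.0.0/24, the /8 to /32 prefix policy and the function names valid_cidr and elk_firewall_rules are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Keeps firewalld running and
# admits one trusted subnet to the ports this page opens:
# 9200 (Elasticsearch HTTP), 9100 (elasticsearch-head), 5601 (Kibana).
ELK_PORTS="9200 9100 5601"

# Accept only a well-formed IPv4 CIDR (prefix /8 to /32, an assumed policy)
# so that nothing else can be interpolated into the rich rule text.
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    ip=${1%/*}; prefix=${1#*/}
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -ge 8 ] && [ "$prefix" -le 32 ] || return 1
    case $ip in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the commands as a dry run; this function changes nothing itself.
elk_firewall_rules() {
    cidr=$1
    valid_cidr "$cidr" || { echo "invalid CIDR: $cidr" >&2; return 2; }
    echo "systemctl enable firewalld"
    echo "systemctl start firewalld"
    for port in $ELK_PORTS; do
        printf 'firewall-cmd --permanent --add-rich-rule=%s\n' \
            "'rule family=\"ipv4\" source address=\"$cidr\" port port=\"$port\" protocol=\"tcp\" accept'"
    done
    echo "firewall-cmd --reload"
}

# Usage: sh elk-fw.sh 192.168.0.0/24            (review the commands)
#        sh elk-fw.sh 192.168.0.0/24 | sudo sh  (apply them)
if [ "$#" -ge 1 ]; then
    elk_firewall_rules "$1"
fi
```

Docker publishes ports through its own iptables chains, so the 9100 rule only governs elasticsearch-head started with npm; for the container, restrict the published address in docker run -p (for example -p 127.0.0.1:9100:9100).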

posted @ 2020-09-16 14:40  雨曼晴川