ELK-安装logstash

注意:在下载tar包的时候需要注意下安装的es版本号,按照官网的说明版本是对应一致的。

$ wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.2.tar.gz
$ tar -zxvf logstash-6.2.2.tar.gz

$ cd logstash-6.2.2

快速启动(需要java8 jre,目前不支持java9)
$ ./bin/logstash -e 'input {stdin {}} output {stdout {}}'

安装logstash-input-jdbc
$ cd /home/es/logstash-6.2.2/bin
$ ./logstash-plugin install logstash-input-jdbc

新建数据库,并添加增量测试数据

CREATE TABLE `tb_test` (
  `id` bigint(20) NOT NULL AUTO_INCREMENT,
  `name` varchar(50) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

 

logstash config下新建jdbc.conf:
$ cd /home/es/logstash-6.2.2/config
$ vim jdbc.conf

#jdbc.conf内容如下

input {
        stdin{
        }
        jdbc {
          jdbc_connection_string => "jdbc:mysql://127.0.0.1:3306/elk?characterEncoding=UTF-8&useSSL=false"
          jdbc_user => "erp_test"
          jdbc_password => "erp_test@abc"
          jdbc_driver_library => "/home/es/logstash-6.2.2/lib/mysql-connector-java-5.1.46.jar"
          jdbc_driver_class => "com.mysql.jdbc.Driver"
          jdbc_paging_enabled => "true"
          jdbc_page_size => "10000"
          statement => "select * from tb_test"
          schedule => "* * * * *"
          type => "jbh_show"
        }
}
 
filter {
        json {
          source => "message"
          remove_field => ["message"]
        }
}
 
output {
        elasticsearch {
          hosts => ["localhost:9200"]
          index => "cmscontent"
          document_id => "%{id}"
        }
        stdout {
          codec => json_lines
        }
}

 

执行命令启动
$ cd /home/es/logstash-6.2.2/bin
$ ./logstash -f ../config/jdbc.conf

posted on 2019-04-12 15:24  Ruthless  阅读(309)  评论(0编辑  收藏  举报