随笔分类 -  ELK

es8 通过 rpm 部署集群
摘要:系统配置 ulimit 设置 echo "* soft nofile 65535" >> /etc/security/limits.conf echo "* hard nofile 65535" >> /etc/security/limits.conf ubuntu 系统 vim /etc/pam. 阅读全文
posted @ 2025-01-21 19:22 小吉猫 阅读(163) 评论(0) 推荐(0)
kibana 通过 rpm 部署
摘要:安装 kibana yum -y install kibana 重置内置用户 kibana_system /usr/share/elasticsearch/bin/elasticsearch-reset-password -u kibana_system This tool will reset t 阅读全文
posted @ 2025-01-21 19:20 小吉猫 阅读(63) 评论(0) 推荐(0)
docker-compose部署logstash 8.7
摘要:设置文件属组 查看logstash运行用户 # docker run --rm -it docker.elastic.co/logstash/logstash:8.7.0 id uid=1000(logstash) gid=1000(logstash) groups=1000(logstash) 设 阅读全文
posted @ 2023-07-19 18:25 小吉猫 阅读(1084) 评论(0) 推荐(0)
es常用命令
摘要:查看索引 GET /_cat/indices 删除索引 # curl --cacert /data/apps/elasticsearch/certs/ca/ca.crt -XDELETE -u elastic https://172.16.3.9:9200/syslog-2023.04.12 Ent 阅读全文
posted @ 2023-04-12 12:12 小吉猫 阅读(42) 评论(0) 推荐(0)
ubuntu22.04 部署 filebeat 8.7
摘要:下载filebeat # curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.7.0-linux-x86_64.tar.gz 创建数据目录 # mkdir -pv /data/apps/filbeat 阅读全文
posted @ 2023-04-11 17:18 小吉猫 阅读(989) 评论(0) 推荐(0)
docker-compose 部署 es8.7
摘要:系统设置 sysctl.conf # echo vm.max_map_count=262144 >> /etc/sysctl.conf ulimits # docker run --rm docker.elastic.co/elasticsearch/elasticsearch:8.7.0 /bin 阅读全文
posted @ 2023-04-07 14:06 小吉猫 阅读(750) 评论(0) 推荐(0)
docker-compose 部署EFK
摘要:filebeat.yaml filebeat.inputs: - type: log paths: - '/logs/*access.log' processors: - decode_json_fields: fields: ["message"] target: "" overwrite_key 阅读全文
posted @ 2022-09-19 15:29 小吉猫 阅读(312) 评论(0) 推荐(0)
es8部署
摘要:从软件库安装 wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg sudo apt-ge 阅读全文
posted @ 2022-08-05 10:21 小吉猫 阅读(424) 评论(0) 推荐(0)