elk源码安装
2017-01-23 16:01
344 查看
[root@localhostelk]# ls
elasticsearch-2.2.1.tar.gzjdk-8u101-linux-i586.gz kibana-4.4.2-linux-x64.tar.gz
logstash-2.2.2.tar.gz
解压jdk1.8
[root@localhostelk]# tar xvf jdk-8u101-linux-i586.gz
编辑profile文件最后添加
[root@localhostelk]# vim /etc/profile
JAVA_HOME=/elk/jdk1.8.0_101
JAVA_BIN=/elk/jdk1.8.0_101/bin
JRE_HOME=/elk/jdk1.8.0_101/jre
PATH=$PATH:$JAVA_BIN
CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME JAVA_BIN JRE_HOME PATH CLASSPATH
生效profile文件
[root@localhostelk]# source /etc/profile
安装l包
[root@localhostelk]# tar xvf logstash-2.2.2.tar.gz
[root@localhost elk]# mv logstash-2.2.2logstash
测试Logstash,如下显示正确
[root@localhost elk]# ./logstash/bin/logstash-e 'input { stdin { } } output { stdout {} }'
[root@localhost elk]#./logstash/bin/logstash -e 'input { stdin { } } output { stdout {} }'
hello word
Settings: Default pipeline workers: 64
Logstash startup completed
2016-11-10T21:57:07.861Zlocalhost.localdomain hello word
how are you
2016-11-10T21:57:24.947Zlocalhost.localdomain how are you
创建logstash配置文件目录
[root@localhostelk]# mkdir logstash/etc/
[root@localhostelk]# cd logstash/etc/
[root@localhostetc]# vim logstash-simple.conf
input { stdin { } }
output {
elasticsearch {hosts => "10.11.30.15" }
stdout { codec=> rubydebug }
}
Logstash使用input和output定义收集日志时的输入和输出的相关配置,本例中input定义了一个叫"stdin"的input,output定义一个叫"stdout"的output。无论我们输入什么字符,Logstash都会按照某种格式来返回我们输入的字符,其中output被定义为"stdout"并使用了codec参数来指定logstash输出格式。
对logstash进行测试
安装e程序
解压e包
[root@localhostelk]# tar xvf elasticsearch-2.2.1.tar.gz
目录改名
[root@localhostelk]# mv elasticsearch-2.2.1/ elasticsearch
创建appuser用户(非root就好)
[root@localhostelk]# useradd appuser
[root@localhostelk]# chown –R appuser:appuser elasticsearch
#[appuser@localhostelk]$ ./elasticsearch/bin/plugin install mobz/elasticsearch-head
#-> Installing mobz/elasticsearch-head...
#Plugins directory[/elk/elasticsearch/plugins] does not exist. Creating...
#Tryinghttps://github.com/mobz/elasticsearch-head/archive/master.zip ...
#Downloading............................................................................................................................................................................................................................................................................................#....................................................................................................................................................................................................................................................................................................................#..........................................................................DONE
#Verifyinghttps://github.com/mobz/elasticsearch-head/archive/master.zip checksums ifavailable ...
#NOTE: Unable to verify checksum fordownloaded plugin (unable to find .sha1 or .md5 file to verify)
#Installed head into/elk/elasticsearch/plugins/head
#[appuser@localhostelk]$ ls elasticsearch/plugins
#Head
用root用户创建两个目录
[root@localhostelk]# mkdir -p /tmp/elasticsearch/data
[root@localhostelk]# mkdir -p /tmp/elasticsearch/logs
[root@localhostelk]# chown -R appuser:appuser/tmp/elasticsearch
[root@localhostelk]# ll /tmp/elasticsearch/
total 8
drwxr-xr-x. 2 appuser appuser 4096 Nov 1016:17 data
drwxr-xr-x. 2 appuser appuser 4096 Nov 1016:18 logs
[root@localhost elk]#
[root@localhostelk]# vim elasticsearch/config/elasticsearch.yml
cluster.name: my-test
node.name: node-1
path.data: /tmp/elasticsearch/data
path.logs: /tmp/elasticsearch/logs
network.host: 10.11.30.15
http.port: 9200
启动e程序
[root@localhost~]# vim /etc/sysctl.conf
vm.max_map_count=655360
[root@localhost~]# vim /etc/security/limits.conf
appuserhard nofile 65536
appusersoft nofile 65536
[root@localhost~]# vi /etc/security/limits.d/90-nproc.conf
* soft nproc 2048
[root@localhost~]# su - appuser
[appuser@localhost~]$ ./elasticsearch/bin/elasticsearch &
[1] 31223
[appuser@localhost ~]$ -bash:./elasticsearch/bin/elasticsearch: No such file or directory
[1]+ Exit 127 ./elasticsearch/bin/elasticsearch
[appuser@localhost ~]$
[appuser@localhost ~]$
[appuser@localhost ~]$
[appuser@localhost ~]$
验证
[appuser@localhostelk]$ curl 'http://10.11.30.15:9200/_search?pretty'
{
"took" : 3,
"timed_out" : false,
"_shards" : {
"total" : 0,
"successful" : 0,
"failed" : 0
},
"hits" : {
"total" : 0,
"max_score" : 0.0,
"hits" : [ ]
}
}
[appuser@localhost elk]$
安装K包
[root@localhostelk]# tar xvf kibana-4.4.2-linux-x64.tar.gz
[root@localhostelk]# mv kibana-4.4.2-linux-x64/ kibana
[root@localhostkibana]# vim config/kibana.yml
server.port: 5601
server.host: "192.168.1.245"
elasticsearch.url: http://192.168.1.245:9200
kibana.index: ".kibana"
[root@localhostelk]# ./kibana/bin/kibana
log [16:49:52.893][info][status][plugin:kibana] Status changed from uninitialized to green -Ready
log [16:49:52.938][info][status][plugin:elasticsearch] Status changed from uninitialized toyellow - Waiting for Elasticsearch
log [16:49:52.964][info][status][plugin:kbn_vislib_vis_types] Status changed from uninitializedto green - Ready
log [16:49:52.971][info][status][plugin:markdown_vis] Status changed from uninitialized to green- Ready
log [16:49:52.976][info][status][plugin:metric_vis] Status changed from uninitialized to green -Ready
log [16:49:52.991][info][status][plugin:spyModes] Status changed from uninitialized to green -Ready
log [16:49:52.997][info][status][plugin:statusPage] Status changed from uninitialized to green -Ready
log [16:49:53.001][info][status][plugin:table_vis] Status changed from uninitialized to green -Ready
log [16:49:53.009][info][listening] Server running at http://10.11.30.15:5601
log [16:49:58.011][info][status][plugin:elasticsearch] Status changed from yellow to yellow - Noexisting Kibana index found
[2016-11-10 16:49:58,366][INFO ][cluster.metadata ] [node-1] [.kibana] creating index,cause [api], templates [], shards [1]/[1], mappings [config]
[2016-11-10 16:49:58,651][INFO][cluster.routing.allocation] [node-1] Cluster health status changed from [RED]to [YELLOW] (reason: [shards started [[.kibana][0]] ...]).
log [16:50:01.376][info][status][plugin:elasticsearch] Status changed from yellow to green -Kibana index ready
都启动完成可以访问http://k程序的ip:5601
elasticsearch-2.2.1.tar.gzjdk-8u101-linux-i586.gz kibana-4.4.2-linux-x64.tar.gz
logstash-2.2.2.tar.gz
解压jdk1.8
[root@localhostelk]# tar xvf jdk-8u101-linux-i586.gz
编辑profile文件最后添加
[root@localhostelk]# vim /etc/profile
JAVA_HOME=/elk/jdk1.8.0_101
JAVA_BIN=/elk/jdk1.8.0_101/bin
JRE_HOME=/elk/jdk1.8.0_101/jre
PATH=$PATH:$JAVA_BIN
CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME JAVA_BIN JRE_HOME PATH CLASSPATH
生效profile文件
[root@localhostelk]# source /etc/profile
安装l包
[root@localhostelk]# tar xvf logstash-2.2.2.tar.gz
[root@localhost elk]# mv logstash-2.2.2logstash
测试Logstash,如下显示正确
[root@localhost elk]# ./logstash/bin/logstash-e 'input { stdin { } } output { stdout {} }'
[root@localhost elk]#./logstash/bin/logstash -e 'input { stdin { } } output { stdout {} }'
hello word
Settings: Default pipeline workers: 64
Logstash startup completed
2016-11-10T21:57:07.861Zlocalhost.localdomain hello word
how are you
2016-11-10T21:57:24.947Zlocalhost.localdomain how are you
创建logstash配置文件目录
[root@localhostelk]# mkdir logstash/etc/
[root@localhostelk]# cd logstash/etc/
[root@localhostetc]# vim logstash-simple.conf
input { stdin { } }
output {
elasticsearch {hosts => "10.11.30.15" }
stdout { codec=> rubydebug }
}
Logstash使用input和output定义收集日志时的输入和输出的相关配置,本例中input定义了一个叫"stdin"的input,output定义一个叫"stdout"的output。无论我们输入什么字符,Logstash都会按照某种格式来返回我们输入的字符,其中output被定义为"stdout"并使用了codec参数来指定logstash输出格式。
对logstash进行测试
安装e程序
解压e包
[root@localhostelk]# tar xvf elasticsearch-2.2.1.tar.gz
目录改名
[root@localhostelk]# mv elasticsearch-2.2.1/ elasticsearch
创建appuser用户(非root就好)
[root@localhostelk]# useradd appuser
[root@localhostelk]# chown –R appuser:appuser elasticsearch
#[appuser@localhostelk]$ ./elasticsearch/bin/plugin install mobz/elasticsearch-head
#-> Installing mobz/elasticsearch-head...
#Plugins directory[/elk/elasticsearch/plugins] does not exist. Creating...
#Tryinghttps://github.com/mobz/elasticsearch-head/archive/master.zip ...
#Downloading............................................................................................................................................................................................................................................................................................#....................................................................................................................................................................................................................................................................................................................#..........................................................................DONE
#Verifyinghttps://github.com/mobz/elasticsearch-head/archive/master.zip checksums ifavailable ...
#NOTE: Unable to verify checksum fordownloaded plugin (unable to find .sha1 or .md5 file to verify)
#Installed head into/elk/elasticsearch/plugins/head
#[appuser@localhostelk]$ ls elasticsearch/plugins
#Head
用root用户创建两个目录
[root@localhostelk]# mkdir -p /tmp/elasticsearch/data
[root@localhostelk]# mkdir -p /tmp/elasticsearch/logs
[root@localhostelk]# chown -R appuser:appuser/tmp/elasticsearch
[root@localhostelk]# ll /tmp/elasticsearch/
total 8
drwxr-xr-x. 2 appuser appuser 4096 Nov 1016:17 data
drwxr-xr-x. 2 appuser appuser 4096 Nov 1016:18 logs
[root@localhost elk]#
[root@localhostelk]# vim elasticsearch/config/elasticsearch.yml
cluster.name: my-test
node.name: node-1
path.data: /tmp/elasticsearch/data
path.logs: /tmp/elasticsearch/logs
network.host: 10.11.30.15
http.port: 9200
启动e程序
[root@localhost~]# vim /etc/sysctl.conf
vm.max_map_count=655360
[root@localhost~]# vim /etc/security/limits.conf
appuserhard nofile 65536
appusersoft nofile 65536
[root@localhost~]# vi /etc/security/limits.d/90-nproc.conf
* soft nproc 2048
[root@localhost~]# su - appuser
[appuser@localhost~]$ ./elasticsearch/bin/elasticsearch &
[1] 31223
[appuser@localhost ~]$ -bash:./elasticsearch/bin/elasticsearch: No such file or directory
[1]+ Exit 127 ./elasticsearch/bin/elasticsearch
[appuser@localhost ~]$
[appuser@localhost ~]$
[appuser@localhost ~]$
[appuser@localhost ~]$
验证
[appuser@localhostelk]$ curl 'http://10.11.30.15:9200/_search?pretty'
{
"took" : 3,
"timed_out" : false,
"_shards" : {
"total" : 0,
"successful" : 0,
"failed" : 0
},
"hits" : {
"total" : 0,
"max_score" : 0.0,
"hits" : [ ]
}
}
[appuser@localhost elk]$
安装K包
[root@localhostelk]# tar xvf kibana-4.4.2-linux-x64.tar.gz
[root@localhostelk]# mv kibana-4.4.2-linux-x64/ kibana
[root@localhostkibana]# vim config/kibana.yml
server.port: 5601
server.host: "192.168.1.245"
elasticsearch.url: http://192.168.1.245:9200
kibana.index: ".kibana"
[root@localhostelk]# ./kibana/bin/kibana
log [16:49:52.893][info][status][plugin:kibana] Status changed from uninitialized to green -Ready
log [16:49:52.938][info][status][plugin:elasticsearch] Status changed from uninitialized toyellow - Waiting for Elasticsearch
log [16:49:52.964][info][status][plugin:kbn_vislib_vis_types] Status changed from uninitializedto green - Ready
log [16:49:52.971][info][status][plugin:markdown_vis] Status changed from uninitialized to green- Ready
log [16:49:52.976][info][status][plugin:metric_vis] Status changed from uninitialized to green -Ready
log [16:49:52.991][info][status][plugin:spyModes] Status changed from uninitialized to green -Ready
log [16:49:52.997][info][status][plugin:statusPage] Status changed from uninitialized to green -Ready
log [16:49:53.001][info][status][plugin:table_vis] Status changed from uninitialized to green -Ready
log [16:49:53.009][info][listening] Server running at http://10.11.30.15:5601
log [16:49:58.011][info][status][plugin:elasticsearch] Status changed from yellow to yellow - Noexisting Kibana index found
[2016-11-10 16:49:58,366][INFO ][cluster.metadata ] [node-1] [.kibana] creating index,cause [api], templates [], shards [1]/[1], mappings [config]
[2016-11-10 16:49:58,651][INFO][cluster.routing.allocation] [node-1] Cluster health status changed from [RED]to [YELLOW] (reason: [shards started [[.kibana][0]] ...]).
log [16:50:01.376][info][status][plugin:elasticsearch] Status changed from yellow to green -Kibana index ready
都启动完成可以访问http://k程序的ip:5601
相关文章推荐
- Codeforces Round #388 (Div. 2)B Parallelogram is Back
- 单例模式之传递Context参数
- Java计算某天任意天数后是哪一天
- 聚合数据全国天气预报API--ajax 通过城市名取数据
- android动态背景色圆形头像
- Spring Boot WAR包运行原理分析
- maven详解之坐标与依赖
- TCP三次握手/四次挥手详解
- Android相机Camera基础知识
- 字符集
- 父子组件通信
- openwrt移植到pb44---第一章(遗留问题)
- 第十五节 Case Class与模式匹配(二)
- 在CentOS系统下,主要有两种方法设置自己安装的程序开机启动。
- 解决使用MSBuild编译项目没有拷贝间接引用的dll问题
- 相加和最大值 (sdut oj)
- HashMap的工作原理
- magent实现memcached集群的一个问题
- Go语言小爬虫--第一步
- MSBuild 中的 PropertyGroup、ItemGroup 和 ItemMetadata