ELK简单部署
环境概况
系统类型:Centos7
elasticsearch:10.211.55.9
logstash:10.211.55.10
kibana:10.211.55.11
相关软件包链接:https://pan.baidu.com/s/1vFrsjONk-7ZPNb8sfOOAAA
提取码:pcjt
软件包来自第三方网盘,安装前建议与Elastic官方发布的校验值比对,确认文件未被篡改。
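需关闭防火墙(仅适用于隔离的实验环境;setenforce 0 只是把SELinux临时切换为permissive模式,重启后恢复。生产环境应保留firewalld,仅对需要访问的主机放行9200、5601端口)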
systemctl stop firewalld
setenforce 0
1、elasticsearch节点
[root@master ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.211.55.9 master
10.211.55.11 node1
10.211.55.10 node2
[root@master ~]# yum -y install java
[root@master ~]# java -version
[root@master ~]# yum -y install elasticsearch-2.3.4.rpm
[root@master ~]# vim /etc/elasticsearch/elasticsearch.yml
network.host: 0.0.0.0 //打开54行注释(冒号后须有空格;ES 2.x默认没有认证,监听0.0.0.0后任何能访问9200端口的主机都可以读写数据)
[root@master ~]# systemctl restart elasticsearch
[root@master ~]# systemctl enable elasticsearch
[root@master ~]# ss -anptl | grep 9200
浏览器访问测试:
10.211.55.9:9200
浏览器查看健康状态:
10.211.55.9:9200/_cluster/health?pretty
ES 集群验证:返回字段解析:
"status": "green" 集群状态:绿色为正常、黄色表示有问题但不是很严重、红色表示严重故障
"number_of_nodes": 1, 表示集群中节点的数量
2、ES插件的使用
[root@master ~]# cd /usr/share/elasticsearch/bin
[root@master ~]# ./plugin install file:///root/elk/elk/bigdesk-master.zip
[root@master ~]# ./plugin install file:///root/elk/elk/elasticsearch-head-master.zip
[root@master ~]# ./plugin install file:///root/elk/elk/elasticsearch-kopf-master.zip
[root@master ~]# ls /usr/share/elasticsearch/plugins/
[root@master ~]# ./plugin list
浏览器访问head插件(以下地址中的IP应为ES节点地址,本文环境中为10.211.55.9):
http://192.168.1.15:9200/_plugin/head
浏览器访问kopf插件:
http://192.168.1.15:9200/_plugin/kopf
浏览器访问bigdesk插件:
http://192.168.1.15:9200/_plugin/bigdesk
3、安装kibana
[root@node1 ~]# yum -y install kibana-4.5.2-1.x86_64.rpm
[root@node1 ~]# vim /opt/kibana/config/kibana.yml
server.host: "0.0.0.0" //服务器监听地址(监听所有网卡;Kibana 4.5本身没有登录认证,应通过防火墙或反向代理限制可访问5601端口的来源)
elasticsearch.url: http://10.211.55.9:9200 //声明地址,从哪里查,集群里面随便选一个
kibana.index: ".kibana" //kibana自己创建的索引
kibana.defaultAppId: "discover" //打开kibana页面时,默认打开的页面discover
elasticsearch.pingTimeout: 1500 //ping检测超时时间
elasticsearch.requestTimeout: 30000 //请求超时
elasticsearch.startupTimeout: 5000 //启动超时
[root@node1 ~]# systemctl restart kibana
[root@node1 ~]# systemctl enable kibana
[root@node1 ~]# ss -anptl | grep 5601
[root@node1 ~]# gzip -d logs.jsonl.gz
[root@node1 ~]# gzip -d accounts.json.gz
[root@node1 ~]# gzip -d shakespeare.json.gz
浏览器访问测试:
http://10.211.55.11:5601
http://10.211.55.11:5601/status
4、安装logstash
[root@node2 ~]# yum -y install java
[root@node2 ~]# java -version
[root@node2 ~]# cd /root/elk/elk/
[root@node2 ~]# yum -y install logstash-2.3.4-1.noarch.rpm
[root@node2 ~]# /opt/logstash/bin/logstash --version
[root@node2 ~]# /opt/logstash/bin/logstash-plugin list
[root@node2 ~]# vim /etc/logstash/logstash.conf
input{
stdin{
}
}
filter{
}
output{
stdout{
}
}
[root@node2 ~]# alias logstash='/opt/logstash/bin/logstash'
[root@node2 ~]# logstash -f /etc/logstash/logstash.conf