OpenNMS 事件转储 Elasticsearch

准备条件

1 软件及版本

    CentOS-7-x86_64
    OpenNMS 25.1.0
    elasticsearch-7.4.2-linux-x86_64.tar.gz
    kibana-7.4.2-linux-x86_64.tar.gz

2 服务器

地址        192.168.1.80        192.168.1.81

安装        opennms            elasticsearch/kibana
Elasticsearch 配置

vi config/elasticsearch.yml
找到并修改如下参数

    node.name: node-1
    network.host: 0.0.0.0
    cluster.initial_master_nodes: ["node-1"]

设置用户权限

    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

问题

[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]

解决
vi /etc/security/limits.conf

    * soft nofile 65536
     
    * hard nofile 131072
     
    * soft nproc 2048
     
    * hard nproc 4096

[2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

解决
vi /etc/sysctl.conf

vm.max_map_count=262144

sysctl -p

临时设置

sysctl -w vm.max_map_count=262144

启动

bin/elasticsearch -d

设置密码

bin/elasticsearch-setup-passwords interactive

验证

curl http://192.168.1.81:9200 -u elastic:elastic

Kibana 配置

vi config/kibana.yml

修改如下参数

    server.host: "192.168.1.81"
     
    elasticsearch.username: "kibana"
    elasticsearch.password: "kibana"

访问

    http://192.168.1.81:5601
    elastic/elastic

OpenNMS 配置

vi etc/org.opennms.plugin.elasticsearch.rest.forwarder.cfg
添加如下参数

    elasticUrl=http://192.168.1.81:9200
    elasticIndexStrategy=daily
    globalElasticUser=elastic
    globalElasticPassword=elastic


启用 opennms-es-rest
 

    ssh -p8101 admin@localhost
    登录karaf 密码：admin
     
    执行命令
    feature:install opennms-es-rest

查看数据

登录Kibana，用户/密码：elastic/elastic

进入 Dev Tools，在Console 执行命令

GET /opennms-events-*/_search