1. Experiment Planning
| Host address | install service |
|---|---|
| 192.168.153.134 | elasticsearch |
| 192.168.153.135 | logstash |
| 192.168.153.136 | kibana |
2. ELK installation
Reference blog link >> https://blog.csdn.net/m0_46674735/article/details/112004006
3. Logstash server configuration
3.1 Upload template file
Upload the nginx_access file to the following directory
/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-patterns-core-4.1.2/patterns
Check upload success
[root@host-135 patterns]# ll nginx_access
-rw-r--r-- 1 root root 311 Jan 26 15:22 nginx_access
3.2 /etc/logstash/conf.d/Write the nginx.conf file in the directory
vim /etc/logstash/conf.d/nginx.conf
The content of the file is:
input{
file {
path => "/usr/local/nginx/logs/access.log"
type => "nginx-log"
start_position => "beginning"
}
}
filter {
grok {
match => {
"message" => "%{NGINXACCESS}"}
}
}
output{
elasticsearch {
hosts => "192.168.153.134:9200"
index => "nginx-log"
}
}
3.3 Open logstash service
systemctl start logstash
4. kibana view configuration
4.1 Add nginx-log and check that there are many more available fields than before
4.2 Analyze the top 10 ips that access nginx
1)
2)
3)
4) Configure to display the top 10 IPs to visit the website
5) Save and name
6) Save successfully
4.3 Analyze the pv that visits nginx website
1)
2)
3)
4) Display PV value
5) Save and name
6) Saved successfully
5. Create a dashboard to display pv and uv
1)
2)
3) Click to add
4) Save the dashboard and name it
5) Saved successfully
