One, install ui
1. - Chinese docker web management (https://www.dockernb.com/)
(1)docker run -d --name ui --restart always -p 16001:8081 -v /var/run/docker.sock:/var/run/docker.sock wangbinxingkong/fast
(2) User initial account/password: admin/888888
2. - Oil monkey script, change 127.0.0.1:16001 after @match to actual ip:port. Log in automatically, delete the header and footer.
// ==UserScript==
// @name New Userscript
// @namespace http://tampermonkey.net/
// @version 0.1
// @description try to take over the world!
// @author You
// @match http://127.0.0.1:16001/pc/
// @grant none
// ==/UserScript==
(function() {
'use strict';
// Your code here...
document.querySelector("#app > section > section > header").remove()
document.querySelector("#app > section > section > main > div.footer > p").remove()
setTimeout(function(){
let name = document.querySelector("#app > section > section > main > div.main.clearfix > div > div > div > p:nth-child(3) > input[type=text]")
let pass = document.querySelector("#app > section > section > main > div.main.clearfix > div > div > div > p:nth-child(5) > input[type=password]")
let login = document.querySelector("#app > section > section > main > div.main.clearfix > div > div > div > p.submit > button")
if(name && pass){
name.value = "admin"
name.dispatchEvent(new Event('input'))
pass.value = "888888"
pass.dispatchEvent(new Event('input'))
login.click()
}
}, 700);
})();
Two, install efk
1. - Run
(1)docker run -itd --name efk-e -p 16021:9200 -e ES_JAVA_OPTS="-Xms128m -Xmx128m" -e discovery.type=single-node --restart always docker.elastic.co/elasticsearch/elasticsearch:6.8.9
(2)docker run -itd --name efk-k -p 16002:5601 -e I18N_LOCALE=zh-CN -e ELASTICSEARCH_URL=http://192.168.15.135:16021 --restart always docker.elastic.co/kibana/kibana:6.8.9
(3)docker run -itd --name efk-f --network host -v /a_soft/efk/fluentd/conf:/fluentd/etc --restart always fluent/fluentd:v1.3.2-debian-1.0
// Cannot use the 7.10.x version, because the es version is low, the template will not be available
(4)docker run -itd --name efk-fb -v /a_soft/efk/filebeat/conf/filebeat.yml:/usr/share/filebeat/filebeat.yml -v /log:/log --user root --privileged=true --restart always store/elastic/filebeat:7.4.1
2. - Port
elasticsearch: 9200 (external interface) 9300 (cluster communication)
kibana: 5601 (external interface)
fluentd: 8888 8889 24224
3. - Configuration file
# (1) filebeat.yml
#=========================== Filebeat inputs =============================
filebeat.inputs:
- type: log
enabled: true
encoding: utf-8
paths:
- /log/a1.txt
fields:
type: test-err
- type: log
enabled: true
encoding: utf-8
paths:
- /log/*/test*.log
fields:
type: test-info
#=========================== Template =============================
setup.template.name: test
setup.template.pattern: test-*
#=========================== Elasticsearch output =============================
output.elasticsearch:
hosts: ["192.168.15.135:36021"]
index: "test-default-%{+yyyy.MM.dd}"
indices:
- index: "test-err-%{+yyyy.MM.dd}"
when.equals:
fields.type: "test-err"
- index: "test-info-%{+yyyy.MM.dd}"
when.equals:
fields.type: "test-info"
# protocol: "https"
# username: "elastic"
# password: "changeme"
# (2) fluent.conf // To output to es, you need to install a plug-in
<source> @type
forward
port 24224
bind 0.0.0.0
</source>
<match *.**>
@type copy
<store>
@type elasticsearch
host 192.168.15.135
port 9200
logstash_format true
logstash_prefix fluentd
logstash_dateformat %Y.%m.%d
include_tag_key true
type_name access_log
tag_key @log_name
flush_interval 1s
</store>
<store>
@type stdout
</store>
</match>