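Building a centralized log analysis platform with ELK (Elasticsearch + Logstash + Kibana) on CentOS 7

Log monitoring and analysis play an important role in keeping business services running stably. In most environments, however, logs are scattered across the individual production servers, and developers cannot log in to those servers. What is needed then is a centralized log collection facility that monitors the logs for keywords, raises an alert when an anomaly is triggered, and lets developers view the relevant logs. logstash + elasticsearch + kibana3 is a system that does exactly this, and more.

Logstash: collects, processes and stores the logs
Elasticsearch: searches and analyzes the logs
Kibana: visualizes the logs

1. Environment

elkServer  IP: 192.168.7.27   OS: Centos7.1  FQDN: elk.server.com
elkClient  IP: 192.168.31.23  OS: Centos7.1

2. Download preparation

Download the latest packages from the official site: https://www.elastic.co/downloads
Some of the versions used here may no longer be available there; in that case download them from this address. Link: http://pan.baidu.com/s/1gfohO2Z Password: 5s1f

elasticsearch-1.7.3.noarch.rpm            install on the server
kibana-4.1.2-linux-x64.tar.gz             install on the server
logstash-1.5.4-1.noarch.rpm               install on the server
logstash-forwarder-0.4.0-1.x86_64.rpm     install on the client

3. Server-side installation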
3.1 Install jdk1.7

[root@localhost ~]# yum install java-1.7.0-openjdk
Loaded plugins: fastestmirror, langpacks
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
Loading mirror speeds from cached hostfile
 * base: mirrors.btte.net
 * extras: mirrors.163.com
 * updates: mirrors.163.com
Package 1:java-1.7.0-openjdk-1.7.0.91-2.6.2.1.el7_1.x86_64 already installed and latest version
Nothing to do

3.2 Install elasticsearch

[root@localhost elk]# yum localinstall elasticsearch-1.7.3.noarch.rpm    # install elasticsearch from the local rpm with yum
Loaded plugins: fastestmirror, langpacks
Examining elasticsearch-1.7.3.noarch.rpm: elasticsearch-1.7.3-1.noarch
elasticsearch-1.7.3.noarch.rpm: does not update installed package.
Nothing to do
[root@localhost elk]# systemctl daemon-reload
[root@localhost elk]# systemctl enable elasticsearch.service    # enable start on boot
ln -s '/usr/lib/systemd/system/elasticsearch.service' '/etc/systemd/system/multi-user.target.wants/elasticsearch.service'
[root@localhost elk]# systemctl start elasticsearch.service    # start the service
[root@localhost elk]# systemctl status elasticsearch.service    # check the service status
elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled)
   Active: active (running) since Sun 2015-11-08 11:05:09 CST; 28s ago
     Docs: http://www.elastic.co
 Main PID: 15345 (java)
   CGroup: /system.slice/elasticsearch.service
           └─15345 java -Xms256m -Xmx1g -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+Heap...

Nov 08 11:05:09 localhost.localdomain systemd[1]: Started Elasticsearch.
[root@localhost elk]# rpm -qc elasticsearch
/etc/elasticsearch/elasticsearch.yml
/etc/elasticsearch/logging.yml
/etc/init.d/elasticsearch
/etc/sysconfig/elasticsearch
/usr/lib/sysctl.d/elasticsearch.conf
/usr/lib/systemd/system/elasticsearch.service
/usr/lib/tmpfiles.d/elasticsearch.conf
[root@localhost elk]# netstat -nltp    # check which ports are listening
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 784/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1457/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3213/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2656/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 14407/sshd: root@pt
tcp6 0 0 :::111 :::* LISTEN 784/rpcbind
tcp6 0 0 :::9200 :::* LISTEN 15345/java
tcp6 0 0 :::9300 :::* LISTEN 15345/java
tcp6 0 0 :::22 :::* LISTEN 1457/sshd
tcp6 0 0 ::1:631 :::* LISTEN 3213/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 2656/master
tcp6 0 0 ::1:6010 :::* LISTEN 14407/sshd: root@pt
[root@localhost elk]# firewall-cmd --permanent --add-port={9200/tcp,9300/tcp}    # add the two ports to the firewall
success
[root@localhost elk]# firewall-cmd --reload    # reload the firewall
success
[root@localhost elk]# firewall-cmd --list-all    # list the ports open in the firewall
public (default, active)
  interfaces: ens33
  sources:
  services: dhcpv6-client ssh
  ports: 9200/tcp 9300/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

3.3 Install kibana

[root@localhost elk]# tar zxf kibana-4.1.2-linux-x64.tar.gz -C /usr/local/    # unpack the archive into the target directory
[root@localhost elk]# cd /usr/local/
[root@localhost local]# ls
bin etc games include kibana-4.1.2-linux-x64 lib lib64 libexec sbin share src
[root@localhost local]# mv kibana-4.1.2-linux-x64/ kibana    # rename
[root@localhost local]# cd kibana/
[root@localhost kibana]# ls
bin config LICENSE.txt node plugins README.txt src
[root@localhost kibana]# cd bin/
[root@localhost bin]# ls    # running ./kibana starts the service directly, but here we set it up as a systemd service
kibana kibana.bat
[root@localhost bin]# cd /etc/systemd/system/
[root@localhost system]# vi kibana.service    # edit the kibana service unit
[Service]
# No User= is set, so systemd runs Kibana as root.
ExecStart=/usr/local/kibana/bin/kibana

[Install]
WantedBy=multi-user.target
[root@localhost system]# systemctl enable kibana.service    # enable start on boot
ln -s '/etc/systemd/system/kibana.service' '/etc/systemd/system/multi-user.target.wants/kibana.service'
[root@localhost system]# systemctl start kibana.service    # start the service
[root@localhost system]# systemctl status kibana.service    # check that the service is running
kibana.service
   Loaded: loaded (/etc/systemd/system/kibana.service; enabled)
   Active: active (running) since Sun 2015-11-08 11:16:28 CST; 10s ago
 Main PID: 16131 (node)
   CGroup: /system.slice/kibana.service
           └─16131 /usr/local/kibana/bin/../node/bin/node /usr/local/kibana/bin/../src/bin/kibana.js

Nov 08 11:16:28 localhost.localdomain systemd[1]: Started kibana.service.
Nov 08 11:16:34 localhost.localdomain kibana[16131]: {"name":"Kibana","hostname":"localhost.localdomain","pid":16131,"level":30,"msg":"No existing kibana index found","time":"20...43Z","v":0}
Nov 08 11:16:34 localhost.localdomain kibana[16131]: {"name":"Kibana","hostname":"localhost.localdomain","pid":16131,"level":30,"msg":"Listening on 0.0.0.0:5601","time":"2015-11...93Z","v":0}
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost system]# netstat -nltp    # check which ports are listening
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 16131/node
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 784/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1457/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3213/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2656/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 14407/sshd: root@pt
tcp6 0 0 :::111 :::* LISTEN 784/rpcbind
tcp6 0 0 :::9200 :::* LISTEN 15345/java
tcp6 0 0 :::9300 :::* LISTEN 15345/java
tcp6 0 0 :::22 :::* LISTEN 1457/sshd
tcp6 0 0 ::1:631 :::* LISTEN 3213/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 2656/master
tcp6 0 0 ::1:6010 :::* LISTEN 14407/sshd: root@pt
[root@localhost system]# firewall-cmd --permanent --add-port=5601/tcp    # open port 5601 in the firewall
success
[root@localhost system]# firewall-cmd --reload    # reload the firewall
success
[root@localhost system]# firewall-cmd --list-all    # list the ports open in the firewall
public (default, active)
  interfaces: ens33
  sources:
  services: dhcpv6-client ssh
  ports: 9200/tcp 9300/tcp 5601/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:
[root@localhost system]# firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toport=5601    # forward port 80 to port 5601 so the port does not have to be typed in the browser
success
[root@localhost system]# firewall-cmd --reload    # reload the firewall
success
[root@localhost system]# firewall-cmd --list-all    # list the ports open in the firewall
public (default, active)
  interfaces: ens33
  sources:
  services: dhcpv6-client ssh
  ports: 9200/tcp 9300/tcp 5601/tcp
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=5601:toaddr=
  icmp-blocks:
  rich rules:

3.4 Install logstash

[root@localhost system]# cd /home/elk/
[root@localhost elk]# ls
elasticsearch-1.7.3.noarch.rpm kibana-4.1.2-linux-x64.tar.gz logstash-1.5.4-1.noarch.rpm logstash-forwarder-0.4.0-1.x86_64.rpm
[root@localhost elk]# yum localinstall logstash-1.5.4-1.noarch.rpm    # install logstash from the local rpm with yum
Loaded plugins: fastestmirror, langpacks
Examining logstash-1.5.4-1.noarch.rpm: 1:logstash-1.5.4-1.noarch
Marking logstash-1.5.4-1.noarch.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package logstash.noarch 1:1.5.4-1 will be installed
--> Finished Dependency Resolution
base/7/x86_64 | 3.6 kB 00:00:00
extras/7/x86_64 | 3.4 kB 00:00:00
extras/7/x86_64/primary_db | 116 kB 00:00:00
updates/7/x86_64 | 3.4 kB 00:00:00
updates/7/x86_64/primary_db | 4.7 MB 00:00:03

Dependencies Resolved

 Package    Arch     Version     Repository                  Size
Installing:
 logstash   noarch   1:1.5.4-1   /logstash-1.5.4-1.noarch    136 M

Transaction Summary
Install  1 Package

Total size: 136 M
Installed size: 136 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 1:logstash-1.5.4-1.noarch 1/1
  Verifying  : 1:logstash-1.5.4-1.noarch 1/1

Installed:
  logstash.noarch 1:1.5.4-1

Complete!
[root@localhost tls]# hostname -f    # show the current FQDN; for setting the FQDN see http://www.cnblogs.com/zhenyuyaodidiao/p/4947930.html
elk.server.com
[root@localhost ~]# cd /etc/pki/tls/    # change into the /etc/pki/tls/ directory
[root@localhost tls]# ls
cert.pem certs misc openssl.cnf private
Next, generate the openssl key that is used when clients upload their log files; it is needed later when configuring the client.
[root@localhost tls]# openssl req -subj '/CN=elk.server.com/' -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash-forwarder.key -out certs/logstash-forwarder.crt
Generating a 2048 bit RSA private key
..............
.............
writing new private key to private/logstash-forwarder.key
-----
[root@localhost tls]# ls
cert.pem certs misc openssl.cnf private
[root@localhost tls]# cd private/
[root@localhost private]# ll
total 4
-rw-r--r--. 1 root root 1704 Nov 8 17:20 logstash-forwarder.key
Note: the listing shows the new private key as world-readable (-rw-r--r--); it only needs to be readable by the account Logstash runs as.
[root@localhost private]# cd ../certs/
[root@localhost certs]# ll
total 16
lrwxrwxrwx. 1 root root 49 Apr 14 2015 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx. 1 root root 55 Apr 14 2015 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rw-r--r--. 1 root root 1107 Nov 8 17:20 logstash-forwarder.crt
-rwxr-xr-x. 1 root root 610 Mar 24 2015 make-dummy-cert
-rw-r--r--. 1 root root 2388 Mar 24 2015 Makefile
-rwxr-xr-x. 1 root root 829 Mar 24 2015 renew-dummy-cert
[root@localhost ~]# cd /etc/logstash/conf.d/
[root@localhost conf.d]# vi 01-logstash-initial.conf    # edit the logstash configuration file
# Receive events from logstash-forwarder over TLS on port 5000.
input {
  lumberjack {
    port => 5000
    type => "logs"
    ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt"
    ssl_key => "/etc/pki/tls/private/logstash-forwarder.key"
  }
}

# Split events of type "syslog" into fields and take the event time from the log line.
filter {
  if [type] == "syslog" {
    grok {
      match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
      add_field => [ "received_at", "%{@timestamp}" ]
      add_field => [ "received_from", "%{host}" ]
    }
    syslog_pri { }
    date {
      match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
  }
}

# Index into the local Elasticsearch and echo each event to stdout.
output {
  elasticsearch { host => localhost }
  stdout { codec => rubydebug }
}
[root@localhost conf.d]# systemctl enable logstash    # enable start on boot
logstash.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig logstash on
The unit files have no [Install] section. They are not meant to be enabled
using systemctl.
Possible reasons for having this kind of units are:
1) A unit may be statically enabled by being symlinked from another unit's
   .wants/ or .requires/ directory.
2) A unit's purpose may be to act as a helper for some other unit which has
   a requirement dependency on it.
3) A unit may be started when needed via activation (socket, path, timer,
   D-Bus, udev, scripted systemctl call, ...).
[root@localhost conf.d]# systemctl start logstash.service    # start the logstash service
[root@localhost conf.d]# systemctl status logstash.service    # check that the service is running
logstash.service - LSB: Starts Logstash as a daemon.
   Loaded: loaded (/etc/rc.d/init.d/logstash)
   Active: active (running) since Sun 2015-11-08 17:28:34 CST; 14s ago
  Process: 20799 ExecStart=/etc/rc.d/init.d/logstash start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/logstash.service
           └─20805 java -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -Djava.io.tmpdir=/var/lib...

Nov 08 17:28:34 elk logstash[20799]: logstash started.
Nov 08 17:28:34 elk systemd[1]: Started LSB: Starts Logstash as a daemon..
[root@localhost conf.d]# netstat -nltp    # check which ports are in use
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 16131/node
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 784/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1457/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3213/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2656/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 14407/sshd: root@pt
tcp 0 0 127.0.0.1:6012 0.0.0.0:* LISTEN 17715/sshd: root@pt
tcp6 0 0 :::5000 :::* LISTEN 20805/java
tcp6 0 0 :::111 :::* LISTEN 784/rpcbind
tcp6 0 0 :::9200 :::* LISTEN 15345/java
tcp6 0 0 :::9300 :::* LISTEN 15345/java
tcp6 0 0 :::9301 :::* LISTEN 20805/java
tcp6 0 0 :::22 :::* LISTEN 1457/sshd
tcp6 0 0 ::1:631 :::* LISTEN 3213/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 2656/master
tcp6 0 0 ::1:6010 :::* LISTEN 14407/sshd: root@pt
tcp6 0 0 ::1:6012 :::* LISTEN 17715/sshd: root@pt
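An added example (not part of the original article) that combines the listener table above with the ports opened in firewalld and reports which ELK ports other hosts can reach. It assumes the article's single-server layout, where Logstash writes to Elasticsearch on localhost; `parse_listeners`, `audit` and the port descriptions are this example's own names, and the sample rows are copied from the output above.

```python
# Constructed sample: rows copied from the `netstat -nltp` output above.
NETSTAT = """\
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 16131/node
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2656/master
tcp6 0 0 :::5000 :::* LISTEN 20805/java
tcp6 0 0 :::9200 :::* LISTEN 15345/java
tcp6 0 0 :::9300 :::* LISTEN 15345/java
tcp6 0 0 :::9301 :::* LISTEN 20805/java
tcp6 0 0 ::1:631 :::* LISTEN 3213/cupsd
"""
# Ports that `firewall-cmd --list-all` reports once all server steps are done.
FIREWALL_PORTS = {9200, 9300, 5000, 5601}

ELK_PORTS = {5000: "logstash lumberjack", 5601: "kibana", 9200: "elasticsearch http",
             9300: "elasticsearch transport", 9301: "logstash JVM"}
# Assumption of this example: other hosts only need the forwarder port and
# Kibana, because Logstash reaches Elasticsearch on localhost.
REMOTE_NEEDED = {5000, 5601}
WILDCARDS = {"0.0.0.0", "::", "*"}


def parse_listeners(text):
    """Yield (address, port, program) for each LISTEN row of netstat -nltp."""
    for line in text.splitlines():
        cols = line.split(None, 6)
        if len(cols) < 7 or cols[5] != "LISTEN":
            continue  # header or non-listening row
        addr, _, port = cols[3].rpartition(":")
        yield addr, int(port), cols[6].split("/", 1)[-1]


def audit(text, firewall_ports):
    """Classify every ELK listener by bind address and firewall state."""
    report = {}
    for addr, port, _prog in parse_listeners(text):
        if port not in ELK_PORTS:
            continue
        if addr not in WILDCARDS:
            report[port] = "local-only"
        elif port not in firewall_ports:
            report[port] = "all-interfaces, firewalled"
        elif port in REMOTE_NEEDED:
            report[port] = "reachable, needed by clients"
        else:
            report[port] = "reachable, not needed remotely"
    return report


if __name__ == "__main__":
    for port, state in sorted(audit(NETSTAT, FIREWALL_PORTS).items()):
        print(f"{port:>5} {ELK_PORTS[port]:<24} {state}")
```

Elasticsearch 1.7.3 has no built-in authentication, so under the assumption above the two ports reported as not needed remotely can be closed again with firewall-cmd --permanent --remove-port=9200/tcp and --remove-port=9300/tcp, followed by firewall-cmd --reload.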
[root@localhost conf.d]# cd /var/log/logstash/
[root@localhost logstash]# ls    # log files
logstash.err logstash.log logstash.stdout
[root@localhost logstash]# firewall-cmd --permanent --add-port=5000/tcp    # open port 5000 in the firewall
success
[root@localhost logstash]# firewall-cmd --reload    # reload the firewall
success
[root@localhost logstash]# firewall-cmd --list-all    # check which ports are open
public (default, active)
  interfaces: ens33
  sources:
  services: dhcpv6-client ssh
  ports: 9200/tcp 9300/tcp 5000/tcp 5601/tcp
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=5601:toaddr=
  icmp-blocks:
  rich rules:

4. Client-side installation

[root@localhost elk]# vi /etc/hosts    # edit the hosts file
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.7.27 elk.server.com
[root@localhost elk]# service network restart
Restarting network (via systemctl): [ OK ]
[root@localhost elk]# ping elk.server.com    # test the connection
PING elk.server.com (192.168.7.27) 56(84) bytes of data.
64 bytes from elk.server.com (192.168.7.27): icmp_seq=1 ttl=63 time=0.754 ms
64 bytes from elk.server.com (192.168.7.27): icmp_seq=2 ttl=63 time=0.477 ms
^C
--- elk.server.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.477/0.615/0.754/0.140 ms
[root@localhost laizy]# mkdir elk
[root@localhost laizy]# cd elk/
[root@localhost elk]# ls
[root@localhost elk]# scp root@192.168.7.27:/home/elk/logstash-forwarder-0.4.0-1.x86_64.rpm .    # copy logstash-forwarder to the local machine
The authenticity of host '192.168.7.27 (192.168.7.27)' can't be established.
ECDSA key fingerprint is 49:b9:53:89:55:f2:93:87:9b:81:bb:23:a5:24:f1:f9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.7.27' (ECDSA) to the list of known hosts.
root@192.168.7.27's password:
logstash-forwarder-0.4.0-1.x86_64.rpm 100% 1692KB 1.7MB/s 00:00
[root@localhost elk]# ls
logstash-forwarder-0.4.0-1.x86_64.rpm
[root@localhost elk]# scp root@192.168.7.27:/etc/pki/tls/certs/logstash-forwarder.crt .    # copy the server's certificate to the local machine
root@192.168.7.27's password:
logstash-forwarder.crt 100% 1107 1.1KB/s 00:00
[root@localhost elk]# ll
total 1700
-rw-r--r--. 1 root root 1732758 Nov 8 17:36 logstash-forwarder-0.4.0-1.x86_64.rpm
-rw-r--r--. 1 root root 1107 Nov 8 17:37 logstash-forwarder.crt
[root@localhost elk]# cp logstash-forwarder.crt /etc/pki/tls/certs/    # copy the certificate into /etc/pki/tls/certs/
[root@localhost elk]# cd /etc/pki/tls/certs/
[root@localhost certs]# ls
ca-bundle.crt ca-bundle.trust.crt logstash-forwarder.crt make-dummy-cert Makefile renew-dummy-cert
[root@localhost certs]# cd /home/laizy/elk/
[root@localhost elk]# ls
logstash-forwarder-0.4.0-1.x86_64.rpm logstash-forwarder.crt
[root@localhost elk]# yum localinstall logstash-forwarder-0.4.0-1.x86_64.rpm    # install logstash-forwarder from the local rpm with yum
Loaded plugins: fastestmirror, langpacks
Examining logstash-forwarder-0.4.0-1.x86_64.rpm: logstash-forwarder-0.4.0-1.x86_64
Marking logstash-forwarder-0.4.0-1.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package logstash-forwarder.x86_64 0:0.4.0-1 will be installed
--> Finished Dependency Resolution
base/7/x86_64 | 3.6 kB 00:00:00
extras/7/x86_64 | 3.4 kB 00:00:00
updates/7/x86_64 | 3.4 kB 00:00:00

Dependencies Resolved

 Package              Arch     Version   Repository                           Size
Installing:
 logstash-forwarder   x86_64   0.4.0-1   /logstash-forwarder-0.4.0-1.x86_64   5.7 M

Transaction Summary
Install  1 Package

Total size: 5.7 M
Installed size: 5.7 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : logstash-forwarder-0.4.0-1.x86_64 1/1
Logs for logstash-forwarder will be in /var/log/logstash-forwarder/
  Verifying  : logstash-forwarder-0.4.0-1.x86_64 1/1

Installed:
  logstash-forwarder.x86_64 0:0.4.0-1

Complete!
[root@localhost elk]# systemctl enable logstash-forwarder    # enable start on boot
logstash-forwarder.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig logstash-forwarder on
The unit files have no [Install] section. They are not meant to be enabled
using systemctl.
Possible reasons for having this kind of units are:
1) A unit may be statically enabled by being symlinked from another unit's
   .wants/ or .requires/ directory.
2) A unit's purpose may be to act as a helper for some other unit which has
   a requirement dependency on it.
3) A unit may be started when needed via activation (socket, path, timer,
   D-Bus, udev, scripted systemctl call, ...).
[root@localhost elk]# systemctl start logstash-forwarder.service    # start the service
[root@localhost elk]# cd /var/log/logstash-forwarder/    # log directory
[root@localhost logstash-forwarder]# ls
logstash-forwarder.err logstash-forwarder.log
[root@localhost elk]# vi /etc/logstash-forwarder.conf    # edit the configuration file
{
  "network": {
    "servers": [ "elk.server.com:5000" ],
    "ssl ca": "/etc/pki/tls/certs/logstash-forwarder.crt",
    "timeout": 15
  },
  "files": [
    {
      "paths": [
        "/var/log/messages",
        "/var/log/secure"
      ],
      "fields": { "type": "syslog" }
    }
  ]
}
[root@localhost elk]# systemctl restart logstash-forwarder.service    # restart the service
[root@localhost elk]# systemctl status logstash-forwarder.service    # check that the service is running
logstash-forwarder.service - LSB: no description given
   Loaded: loaded (/etc/rc.d/init.d/logstash-forwarder)
   Active: active (running) since Sun 2015-11-08 18:30:51 CST; 18s ago
  Process: 10788 ExecStop=/etc/rc.d/init.d/logstash-forwarder stop (code=exited, status=0/SUCCESS)
  Process: 10794 ExecStart=/etc/rc.d/init.d/logstash-forwarder start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/logstash-forwarder.service
           └─10798 /opt/logstash-forwarder/bin/logstash-forwarder -config /etc/logstash-forwarder.conf

Nov 08 18:30:51 localhost.localdomain systemd[1]: Starting LSB: no description given...
Nov 08 18:30:51 localhost.localdomain /etc/init.d/logstash-forwarder[10799]: logstash-forwarder started
Nov 08 18:30:51 localhost.localdomain logstash-forwarder[10794]: logstash-forwarder started
Nov 08 18:30:51 localhost.localdomain systemd[1]: Started LSB: no description given.

5. Verification in the web interface

First, manually add a log entry on the client:
[root@localhost elk]# logger zhenyuLogtest
Log in to the web interface at http://192.168.7.27/ and perform the following steps. As the screenshot shows, the manually added log entry has been found by a search in the interface.

This article is mainly based on a video from abroad about setting up ELK, which walks through the steps in great detail; the download link for the video is attached for reference only.
Link: http://pan.baidu.com/s/1jGuBWCQ Password: h0pq
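What the syslog filter in 01-logstash-initial.conf extracts from lines such as the logger test entry, re-implemented in Python as an added example (not code from the original article or from Logstash). The regular expression only approximates the grok patterns, the sample lines are constructed, and `parse` and `alerts` are hypothetical helper names; `alerts` illustrates the keyword monitoring mentioned in the introduction.

```python
import re
from datetime import datetime

# Approximate Python translation of the grok expression in 01-logstash-initial.conf
# (SYSLOGTIMESTAMP, SYSLOGHOST, DATA, POSINT and GREEDYDATA are simplified here).
SYSLOG_RE = re.compile(
    r"^(?P<syslog_timestamp>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<syslog_hostname>[\w.:-]+) "
    r"(?P<syslog_program>.*?)(?:\[(?P<syslog_pid>[1-9]\d*)\])?: "
    r"(?P<syslog_message>.*)$"
)

# Constructed sample lines in /var/log/messages and /var/log/secure format.
SAMPLE = [
    "Nov  8 18:35:02 localhost root: zhenyuLogtest",
    "Nov  8 18:36:10 localhost sshd[10931]: Failed password for root from 192.168.31.23 port 51514 ssh2",
    "Nov 18 09:00:01 localhost sshd[11002]: Accepted password for laizy from 192.168.31.23 port 51600 ssh2",
    "-- MARK --",
]


def parse(line, year=2015):
    """Mimic the grok + date filters for one event of type "syslog"."""
    m = SYSLOG_RE.match(line)
    if m is None:
        # Logstash keeps the event and tags it instead of dropping it.
        return {"message": line, "tags": ["_grokparsefailure"]}
    event = m.groupdict()
    # Syslog pads single-digit days ("Nov  8") and carries no year, which is why
    # the date filter lists both "MMM  d" and "MMM dd"; the year is supplied here.
    stamp = " ".join(event["syslog_timestamp"].split())
    event["@timestamp"] = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    return event


def alerts(lines, keywords=("Failed password",)):
    """Return (host, program, pid, message) for events whose message hits a keyword."""
    hits = []
    for line in lines:
        event = parse(line)
        message = event.get("syslog_message", "")
        if any(k in message for k in keywords):
            hits.append((event["syslog_hostname"], event["syslog_program"],
                         event["syslog_pid"], message))
    return hits


if __name__ == "__main__":
    for line in SAMPLE:
        print(parse(line))
    print(alerts(SAMPLE))
```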