filebeat7.5 日志
百度网盘 提取码: 6cvu
解压
tar -zxvf filebeat-7.5.0-linux-x86_64.tar.gz mv filebeat-7.5.0-linux-x86_64 /usr/local/filebeat [root@localhost src]# cd /usr/local/filebeat/
[root@localhost filebeat]# ls
fields.yml kibana NOTICE.txt
filebeat LICENSE.txt README.md
filebeat.reference.yml module
filebeat.yml modules.d vim my.yml filebeat.inputs:
- type: stdin
enabled: true
setup.template.settings:
index.number_of_shards: 3
output.console:
pretty: true
enable: true [root@localhost filebeat]# ./filebeat -e -c my.yml [root@localhost filebeat]# ./filebeat -e -c my.yml
2020-07-04T03:48:20.189+0100 INFO instance/beat.go:610 Home path: [/usr/local/filebeat] Config path: [/usr/local/filebeat] Data path: [/usr/local/filebeat/data] Logs path: [/usr/local/filebeat/logs]
2020-07-04T03:48:20.190+0100 INFO instance/beat.go:618 Beat ID: 712a5cbe-d959-49e7-8d80-4c84cba7fa7d
2020-07-04T03:48:20.190+0100 INFO [seccomp] seccomp/seccomp.go:101 Syscall filter could not be installed because the kernel does not support seccomp
2020-07-04T03:48:20.190+0100 INFO [beat] instance/beat.go:941 Beat info {"system_info": {"beat": {"path": {"config": "/usr/local/filebeat", "data": "/usr/local/filebeat/data", "home": "/usr/local/filebeat", "logs": "/usr/local/filebeat/logs"}, "type": "filebeat", "uuid": "712a5cbe-d959-49e7-8d80-4c84cba7fa7d"}}}
2020-07-04T03:48:20.190+0100 INFO [beat] instance/beat.go:950 Build info {"system_info": {"build": {"commit": "6d0d0ae079e5cb1d4f224801ac6df926dfb1594c", "libbeat": "7.5.0", "time": "2019-11-26T00:06:12.000Z", "version": "7.5.0"}}}
2020-07-04T03:48:20.190+0100 INFO [beat] instance/beat.go:953 Go runtime info {"system_info": {"go": {"os":"linux","arch":"amd64","max_procs":2,"version":"go1.12.12"}}}
2020-07-04T03:48:20.191+0100 INFO [beat] instance/beat.go:957 Host info {"system_info": {"host": {"architecture":"x86_64","boot_time":"2020-07-03T01:21:03+01:00","containerized":false,"name":"localhost.localdomain","ip":["127.0.0.1/8","::1/128","10.0.2.15/24","fe80::a00:27ff:fe6c:3e95/64","192.168.55.10/24","fe80::a00:27ff:fe4d:f249/64"],"kernel_version":"3.10.0-327.4.5.el7.x86_64","mac":["08:00:27:6c:3e:95","08:00:27:4d:f2:49"],"os":{"family":"redhat","platform":"centos","name":"CentOS Linux","version":"7 (Core)","major":7,"minor":2,"patch":1511,"codename":"Core"},"timezone":"BST","timezone_offset_sec":3600,"id":"e147b422673549a3b4fda77127bd4bcd"}}}
2020-07-04T03:48:20.191+0100 INFO [beat] instance/beat.go:986 Process info {"system_info": {"process": {"capabilities": {"inheritable":null,"permitted":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"effective":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"bounding":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"ambient":null}, "cwd": "/usr/local/filebeat", "exe": "/usr/local/filebeat/filebeat", "name": "filebeat", "pid": 17355, "ppid": 4042, "seccomp": {"mode":"disabled"}, "start_time": "2020-07-04T03:48:19.890+0100"}}}
2020-07-04T03:48:20.191+0100 INFO instance/beat.go:297 Setup Beat: filebeat; Version: 7.5.0
2020-07-04T03:48:20.191+0100 INFO [publisher] pipeline/module.go:97 Beat name: localhost.localdomain
2020-07-04T03:48:20.191+0100 WARN beater/filebeat.go:152 Filebeat is unable to load the Ingest Node pipelines for the configured modules because the Elasticsearch output is not configured/enabled. If you have already loaded the Ingest Node pipelines or are using Logstash pipelines, you can ignore this warning.
2020-07-04T03:48:20.192+0100 INFO [monitoring] log/log.go:118 Starting metrics logging every 30s
2020-07-04T03:48:20.192+0100 INFO instance/beat.go:429 filebeat start running.
2020-07-04T03:48:20.192+0100 INFO registrar/registrar.go:145 Loading registrar data from /usr/local/filebeat/data/registry/filebeat/data.json
2020-07-04T03:48:20.192+0100 INFO registrar/registrar.go:152 States Loaded from registrar: 1
2020-07-04T03:48:20.192+0100 WARN beater/filebeat.go:368 Filebeat is unable to load the Ingest Node pipelines for the configured modules because the Elasticsearch output is not configured/enabled. If you have already loaded the Ingest Node pipelines or are using Logstash pipelines, you can ignore this warning.
2020-07-04T03:48:20.192+0100 INFO crawler/crawler.go:72 Loading Inputs: 1
2020-07-04T03:48:20.192+0100 INFO input/input.go:114 Starting input of type: stdin; ID: 11136643476161899408
2020-07-04T03:48:20.192+0100 INFO crawler/crawler.go:106 Loading and starting Inputs completed. Enabled inputs: 1
2020-07-04T03:48:20.192+0100 INFO log/harvester.go:251 Harvester started for file: -
hello
{
"@timestamp": "2020-07-04T02:48:25.312Z",
"@metadata": {
"beat": "filebeat",
"type": "_doc",
"version": "7.5.0"
},
"log": {
"offset": 0,
"file": {
"path": ""
}
},
"message": "hello",
"input": {
"type": "stdin"
},
"host": {
"name": "localhost.localdomain"
},
"agent": {
"ephemeral_id": "2c6ab758-9db1-461a-9a1a-56757130ca43",
"hostname": "localhost.localdomain",
"id": "712a5cbe-d959-49e7-8d80-4c84cba7fa7d",
"version": "7.5.0",
"type": "filebeat"
},
"ecs": {
"version": "1.1.0"
}
}
2020-07-04T03:48:26.321+0100 ERROR file/states.go:112 State for should have been dropped, but couldn't as state is not finished.
读取文件日志
vim log.yml
filebeat.inputs:
- type: log
enabled: true
paths:
- /phpwww/directory/storage/logs/*.log
setup.template.settings:
index.number_of_shards: 3
output.console:
pretty: true
enable: true
./filebeat -e -c log.yml -d "publish"
输出到elasticsearch
filebeat.inputs:
- type: log
enabled: true
paths:
- /phpwww/directory/storage/logs/*.log
setup.template.settings:
index.number_of_shards: 3
output.elasticsearch: #指定ES的配置
hosts: ["192.168.55.10:9200"]
filebeat7.5 日志的更多相关文章
- Filebeat7 Kafka Gunicorn Flask Web应用程序日志采集
本文的内容 如何用filebeat kafka es做一个好用,好管理的日志收集工具 放弃logstash,使用elastic pipeline gunicron日志格式与filebeat/es配置 ...
- Docker部署ELK 日志归集
ELK ELK是Elasticsearch.Logstash.Kibana的缩写,使用ELK的原因是因为公司使用Spring cloud部署了多个微服务,不同的微服务有不同的日志文件,当生产上出现问题 ...
- docker方式部署elk日志搜索平台
Docker部署ELKF操作文档 前提介绍 1.之前搭建elk+f+k使用原生系统软件安装方式,由于docker镜像日趋成熟,docker官网和elastic官网都有相关镜像和各自安装文档可供参考,各 ...
- ELKBR部署检测项目日志
ELK filebeat:具有日志收集功能,相比logstash,+filebeat更轻量,占用资源更少,适合客户端使用. redis消息队列选型:Redis 服务器通常都是用作 NoSQL 数据库, ...
- 通过Filebeat把日志传入到Elasticsearch
学习的地方:配置文件中预先处理字段数据的用法 通过Filebeat把日志传入到Elasticsearch Elastic Stack被称之为ELK (Elasticsearch,Logstash an ...
- centos7.6使用 supervisor 对filebeat7.3.1进程进行管理
centos7.6使用 supervisor 对filebeat7.3.1进程进行管理 Supervisor 是一个 Python 开发的 client/server 系统,可以管理和监控类 UNIX ...
- filebeat获取nginx的access日志配置
filebeat获取nginx的access日志配置 产生nginx日志的服务器即生产者服务器配置: 拿omp.chinasoft.com举例: .nginx.conf主配置文件添加日志格式 log_ ...
- filebeat开启自带模块收集日志如何辨别日志来源等
filebeat启动自带模块后,日志先输出到Redis中 比如开启了system模块日志和redis模块日志 在Redis中查看收集过来的日志时,可以看到如下的这些信息 system日志信息 { &q ...
- ELK7.4.0分析nginx json日志
ELK7.4.0单节点部署 环境准备 安装系统,数据盘设置为/srv 内核优化参考 我们需要创建elk专用的账号,并创建所需要的目录并授权 useradd elk; mkdir /srv/{app,d ...
随机推荐
- 分布式处理框架Hadoop的安装与使用
Hadoop简介 Hadoop是一个由Apache基金会所开发的分布式系统基础架构.用户可以在不了解分布式底层细节的情况下,开发分布式程序. 充分利用集群的威力进行高速运算和存储.Hadoop实现了一 ...
- 《Redis内存数据库》Redis环境搭建
前言 Redis(Remote Dictionary Server ),即远程字典服务,是一个开源的使用ANSI C语言编写.支持网络.可基于内存亦可持久化的日志型.Key-Value数据库,并提供多 ...
- wsl 修改默认安装路径
如果已经装了,先删除 mklink /j C:\Users\XXXX\AppData\Local\Packages\CanonicalGroupLimited.UbuntuonWindows_79rh ...
- [05] 通过P/Invoke加速C#程序
通过P/Invoke加速C#程序 任何语言都会提供FFI机制(Foreign Function Interface, 叫法不太一样), 大多数的FFI机制是和C API. C#提供了P/Invoke来 ...
- [LeetCode]21. 合并两个有序链表(递归)
题目 将两个有序链表合并为一个新的有序链表并返回.新链表是通过拼接给定的两个链表的所有节点组成的. 示例: 输入:1->2->4, 1->3->4 输出:1->1-> ...
- 分布式系统监视zabbix讲解五之web监控
Web 监控 概况 你可以使用 Zabbix 检查几个网站可用性方面. 如果要使用 Web 检测功能,必须在 编译Zabbix 的时候加入 cURL(libcurl) 的支持. 要使用 Web 监控, ...
- @Autowried入门和源码分析
话不多说直接上代码: 声明一个接口userDao: package ioc.hello; public interface UserDao { public void test(); } 2个实现类: ...
- 安装Ubuntu虚拟机
centos已经满足不了我了,这里就装了个虚拟机,等有钱了再单配台单系统的Linux主机. 一.下载Ubuntu的ISO文件 用国内的网易镜像站点 进去点个16.04.6,然后下个64位的.iso就好 ...
- Tomcat 中 catalina.out、catalina.log、localhost.log 和 access_log 的区别
打开 Tomcat 安装目录中的 log 文件夹,我们可以看到很多日志文件,这篇文章就来介绍下这些日记文件的具体区别. catalina.out 日志 catalina.out 日志文件是 Tomca ...
- 深入解析Vue里函数的调用顺序介绍
今天为大家分享一篇对vue里函数的调用顺序介绍,写的十分的全面细致,具有一定的参考价值,对此有需要的朋友可以参考学习下.如有不足之处,欢迎批评指正. method用来定义方法的,比如你@click=& ...