ELK快速部署及使用~
Elastic Stack
开发人员不能登陆线上服务器查看详细日志
各个系统都有日志,日志数据分散难以查找
日志数据量大,查询速度慢,或者数据不够实时
官网地址:https://www.elastic.co/cn/
官网权威指南:https://www.elastic.co/guide/cn/elasticsearch/guide/current/index.html
安装指南:https://www.elastic.co/guide/en/elasticsearch/reference/5.x/rpm.html
ELK是Elasticsearch、Logstash、Kibana的简称,这三者是核心套件,但并非全部。
Elasticsearch是实时全文搜索和分析引擎,提供搜集、分析、存储数据三大功能;是一套开放REST和JAVA API等结构提供高效搜索功能,可扩展的分布式系统。它构建于Apache Lucene搜索引擎库之上。
Logstash是一个用来搜集、分析、过滤日志的工具。它支持几乎任何类型的日志,包括系统日志、错误日志和自定义应用程序日志。它可以从许多来源接收日志,这些来源包括 syslog、消息传递(例如 RabbitMQ)和JMX,它能够以多种方式输出数据,包括电子邮件、websockets和Elasticsearch。
Kibana是一个基于Web的图形界面,用于搜索、分析和可视化存储在 Elasticsearch指标中的日志数据。它利用Elasticsearch的REST接口来检索数据,不仅允许用户创建他们自己的数据的定制仪表板视图,还允许他们以特殊的方式查询和过滤数据
架构图
elasticsearch的安装及常用插件使用
elasticsearch安装
准备环境:
两台虚拟机:内存:4G+处理器:双核磁盘:40G系统要求:System:CentOS7.3(1611)nodejs:v6.10.2Openjdk:1.8.0_131elasticsearch:elasticsearch5.4elasticsearch-head:elasticsearch-head:5ip地址:192.168.1.121安装elasticsearch logstash kibana nginx docker redisip地址:192.168.1.120安装elasticsearch logstash
官网地址:https://www.elastic.co/guide/en/elasticsearch/reference/5.0/rpm.html#rpm-repo
安装elasticsearch的yum源的密钥# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch配置elasticsearch的yum源# vim /etc/yum.repos.d/elasticsearch.repo在elasticsearch.repo文件中添加如下内容[elasticsearch-5.x]name=Elasticsearch repository for 5.x packagesbaseurl=https://artifacts.elastic.co/packages/5.x/yumgpgcheck=1gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearchenabled=1autorefresh=1type=rpm-md
安装elasticsearch的环境
安装elasticsearch# yum install -y elasticsearch安装java环境# yum install -y java验证java安装成功[root@localhost ~]# java -versionopenjdk version "1.8.0_131"OpenJDK Runtime Environment (build 1.8.0_131-b11)OpenJDK 64-Bit Server VM (build 25.131-b11, mixed mode)
创建elasticsearch data的存放目录,并修改该目录的属主属组
# mkdir -p /data/es-data (自定义用于存放data数据的目录)# chown -R elasticsearch:elasticsearch /data/es-data
修改elasticsearch的日志属主属组
# chown -R elasticsearch:elasticsearch /var/log/elasticsearch/
修改elasticsearch的配置文件
# vim /etc/elasticsearch/elasticsearch.yml找到配置文件中的cluster.name,打开该配置并设置集群名称cluster.name: demon找到配置文件中的node.name,打开该配置并设置节点名称node.name: linux-node1修改data存放的路径path.data: /data/es-data修改logs日志的路径path.logs: /var/log/elasticsearch/配置内存使用用交换分区bootstrap.memory_lock: true监听的网络地址network.host: 0.0.0.0开启监听的端口http.port: 9200增加新的参数,这样head插件可以访问es (5.x版本,如果没有可以自己手动加)http.cors.enabled: truehttp.cors.allow-origin: "*"
启动elasticsearch服务
启动服务# systemctl start elasticsearch.service查看服务状态,如果有报错可以去看错误日志 less /var/log/elasticsearch/demon.log(日志的名称是以集群名称命名的)# systemctl status elasticsearch.service创建开机自启动服务# systemctl enable elasticsearch.service
通过浏览器请求下9200的端口,看下是否成功
# curl http://192.168.1.121:9200/{"name" : "linux-node1","cluster_name" : "demon","cluster_uuid" : "kM0GMFrsQ8K_cl5Fn7BF-g","version" : {"number" : "5.4.0","build_hash" : "780f8c4","build_date" : "2017-04-28T17:43:27.229Z","build_snapshot" : false,"lucene_version" : "6.5.0"},"tagline" : "You Know, for Search"}
如何和elasticsearch交互
JavaAPI
RESTful API
Javascript,.Net,PHP,Perl,Python利用API查看状态# curl -i -XGET 'localhost:9200/_count?pretty'HTTP/1.1 200 OKcontent-type: application/json; charset=UTF-8content-length: 95{"count" : 0,"_shards" : {"total" : 0,"successful" : 0,"failed" : 0}}
安装插件
# /usr/share/elasticsearch/bin/elasticsearch-plugin install mapper-attachments注:还有一些监控的优秀插件,但是因为不支持elasticsearch5.4的版本kopf github地址:https://github.com/lmenezes/elasticsearch-kopfbigdesk github地址:https://github.com/lukas-vlcek/bigdesk
安装elasticsearch-head插件
安装docker镜像或者通过github下载elasticsearch-head项目都是可以的,1或者2两种方式选择一种安装使用即可1. 使用docker的集成好的elasticsearch-head# docker run -p 9100:9100 mobz/elasticsearch-head:5docker容器下载成功并启动以后,运行浏览器打开http://localhost:9100/2. 使用git安装elasticsearch-head# yum install -y npm# git clone git://github.com/mobz/elasticsearch-head.git# cd elasticsearch-head# npm install# npm run startgit下载成功并安装完毕以后,浏览器打开http://localhost:9100/3. 安装nodejsnodejs官网地址:https://nodejs.org/en/download/下载node的压缩包# wget https://nodejs.org/dist/v6.10.3/node-v6.10.3-linux-x64.tar.xz因为下载的压缩包是xz格式的,所以还需要安装一下xz# yum install -y xz解压缩# xz -d node-v6.10.3-linux-x64.tar.xz解压缩完毕以后是个tar包,还需要把tar再次解压# tar -xvf node-v6.10.3-linux-x64.tar解压完node的安装文件后,需要配置下环境变量,编辑/etc/profile,添加# echo "# set node environment" >> /etc/profile# echo "export NODE_HOME=/usr/elk/node-v6.10.3-linux-x64" >> /etc/profile# echo "export PATH=$PATH:$NODE_HOME/bin" >> /etc/profile# source /etc/profile看下nodejs的目录及使用版本# echo $NODE_HOME# node -v重启elasticsearch服务# systemctl restart elasticsearch.service
要选择自己对应的系统版本和架构
测试下效果
获取id信息
可以通过页面来查看添加的数据,包括可以使用基本查询来过滤数据
来测试下删除的效果吧~
LogStash的使用
安装Logstash环境:
官方安装手册:
https://www.elastic.co/guide/en/logstash/current/installing-logstash.html
下载yum源的密钥认证:# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch利用yum安装logstash# yum install -y logstash查看下logstash的安装目录# rpm -ql logstash执行logstash的命令# /usr/share/logstash/bin/logstash -e 'input { stdin { } } output { stdout {} }'运行成功以后输入:hello,worldstdout返回的结果:2017-05-23T06:55:03.607Z linux-node1 hello,world注:-e 执行操作input 标准输入{ input } 插件output 标准输出{ stdout } 插件
通过rubydebug来输出下更详细的信息# /usr/share/logstash/bin/logstash -e 'input { stdin { } } output { stdout {codec => rubydebug} }'执行成功输入:wtfstdout输出的结果:{"@timestamp" => 2017-05-23T07:01:18.961Z,"@version" => "1","host" => "linux-node1","message" => "wtf"}注:codec 编解码器把logstash的结果输出到elasticsearch中# /usr/share/logstash/bin/logstash -e 'input { stdin { } } output { elasticsearch { hosts => ["192.168.1.121:9200"] } }'运行成功以后输入:r8V12123
elasticsearch中的效果:
如果标准输出还有elasticsearch中都需要保留应该怎么玩,看下面# /usr/share/logstash/bin/logstash -e 'input { stdin { } } output { elasticsearch { hosts => ["192.168.1.121:9200"] } stdout { codec => rubydebug }}'运行成功以后输入:demon返回的结果(标准输出中的结果):{"@timestamp" => 2017-05-23T07:35:16.492Z,"@version" => "1","host" => "linux-node1","message" => "demon"}
elasticsearch中的效果:
logstash使用配置文件
官方指南:https://www.elastic.co/guide/en/logstash/current/configuration.html创建配置文件01-logstash.conf# vim /etc/logstash/conf.d/01-logstash.conf文件中添加以下内容input { stdin { } }output {elasticsearch { hosts => ["localhost:9200"] }stdout { codec => rubydebug }}使用配置文件运行logstash# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/01-logstash.conf运行成功以后输入以及标准输出结果我是木头人{"@timestamp" => 2017-05-23T12:22:49.677Z,"@version" => "1","host" => "linux-node1","message" => "我是木头人"}
logstash的数据库类型
1. Input插件权威指南:https://www.elastic.co/guide/en/logstash/current/input-plugins.htmlfile插件的使用# vim /etc/logstash/conf.d/file.conf添加如下配置input {file {path => "/var/log/messages"type => "system"start_position => "beginning"}}output {elasticsearch {hosts => ["localhost:9200"]index => "system-%{+YYYY.MM.dd}"}}运行logstash指定file.conf配置文件,进行过滤匹配# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/file.conf
显示匹配到的日志结果
来一发配置Java日志的并且把日志的索引按类型做存放,继续编辑file.conf文件# vim /etc/logstash/conf.d/file.conf添加java日志的路径input {file {path => "/var/log/messages"type => "system"start_position => "beginning"}file {path => "/var/log/elasticsearch/demon.log"type => "es-error"start_position => "beginning"}}output {if [type] == "system" {elasticsearch {hosts => ["localhost:9200"]index => "system-%{+YYYY.MM.dd}"}}if [type] == "es-error" {elasticsearch {hosts => ["localhost:9200"]index => "es-error-%{+YYYY.MM.dd}"}}}运行logstash指定file.conf配置文件,进行过滤匹配# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/file.conf2. Output插件权威指南实例:https://www.elastic.co/guide/en/logstash/current/output-plugins.html3. Filter插件权威指南实例:https://www.elastic.co/guide/en/logstash/current/plugins-filters-age.htmlgrok的官方实例https://www.elastic.co/guide/en/logstash/current/plugins-filters-grok.html创建grok.conf的配置文件# vim /etc/logstash/conf.d/grok.conf添加如下内容input {stdin {}}filter {grok {match => { "message" => "%{IP:client} %{WORD:method} %{URIPATHPARAM:request} %{NUMBER:bytes} %{NUMBER:duration}" }}}output {stdout {codec => "rubydebug"}}运行成功以后输入55.3.244.1 GET /index.html 15824 0.0434. Codec插件权威指南实例:https://www.elastic.co/guide/en/logstash/current/codec-plugins.htmlmultiline多行插件多行匹配的实例:https://www.elastic.co/guide/en/logstash/current/plugins-codecs-multiline.html# vim /etc/logstash/conf.d/mutiline.conf添加如下内容input {stdin {codec => multiline {pattern => "^\["negate => "true"what => "previous"}}}output {stdout {codec => "rubydebug"}}
利用logstash做nginx的访问日志分析
安装nginx# yum -y nginx修改nginx.conf配置文件,日志配置成json保存的格式# vim /etc/nginx/conf.d/nginx.conf修改内容如下注释掉http段中的access_log添加如下内容log_format json '{"@timestamp":"$time_iso8601",''"@version":"1",''"client":"$remote_addr",''"url":"$uri",''"status":"$status",''"domian":"$host",''"host":"$server_addr",''"size":"$body_bytes_sent",''"responsetime":"$request_time",''"referer":"$http_referer",''"ua":"$http_user_agent"''}';
在server段中添加访问日志以json格式保存access_log /var/log/nginx/access_json.log json;
检测配置文件# nginx -t配置文件没有错误,可以启动服务# systemctl start nginx.service打开浏览器请求nginx服务的ip地址或者使用curl命令# curl -I http://192.168.1.121使用tail -f监测nginx的访问日志# tail -f /var/log/nginx/access_json.log{"@timestamp":"2017-05-25T13:08:04+08:00","@version":"1","client":"192.168.1.105","url":"/index.html","status":"304","domian":"192.168.1.121","host":"192.168.1.121","size":"0","responsetime":"0.000","referer":"-","ua":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.15 Safari/537.36"}创建logstash的nginx.conf配置文件# vim /etc/logstash/cond.d/nginx.conf添加如下内容input {file {path => "/var/log/nginx/access_json.log"codec => json}}output {stdout {codec => "rubydebug"}}执行logstach指定nginx.conf的配置文件来匹配nginx的访问日志# /usr/share/logstash/bin/logstash -f /etc/logstash/cond.d/nginx.conf浏览器或者curl来请求nginx的ip地址就会有json格式的返回{"referer" => "-","domian" => "192.168.1.121","ua" => "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.15 Safari/537.36","type" => "nginx-log","url" => "/index.html","path" => "/var/log/nginx/access_json.log","@timestamp" => 2017-05-25T05:13:29.000Z,"size" => "0","@version" => "1","host" => "192.168.1.121","client" => "192.168.1.105","responsetime" => "0.000","status" => "304"}完整的logstash配置文件# vim /etc/logstash/conf.d/all.conf添加如下内容input {syslog {type => "system-syslog"host => "192.168.1.121"port => "514"}file {path => "/var/log/messages"type => "system"start_position => "beginning"}file {path => "/var/log/elasticsearch/demon.log"type => "es-error"start_position => "beginning"codec => multiline {pattern => "^\["negate => "true"what => "previous"}}file {path => "/var/log/nginx/access_json.log"codec => jsontype => "nginx-log"start_position => "beginning"}}output {if [type] == "system" {elasticsearch {hosts => ["localhost:9200"]index => "system-%{+YYYY.MM.dd}"}}if [type] == "es-error" {elasticsearch {hosts => ["localhost:9200"]index => "es-error-%{+YYYY.MM.dd}"}}if [type] == "nginx-log" {elasticsearch {hosts => ["localhost:9200"]index => "nginx-log-%{+YYYY.MM.dd}"}}if [type] == "system-syslog" {elasticsearch {hosts => ["localhost:9200"]index => "system-syslog-%{+YYYY.MM.dd}"}}}运行logstach中的all.conf配置文件# /usr/share/logstash/bin/logstash -f /etc/logstash/cond.d/all.conf
效果图:
可以识别的logstash
自定义logstash配置分割出来的日志信息
利用logstash做syslog的日志分析
编辑rsyslog.conf的配置文件# vim /etc/syslog.conf开启以下配置,并配置为本机的ip地址源配置:*.* @@remote-host:514更改为:*.* @@192.168.1.121:514重启rsyslog服务# systemctl restart rsyslog.service创建syslog.conf的配置文件# vim /etc/logstash/conf.d/syslog.conf添加如下内容input {syslog {type => "system-syslog"host => "192.168.1.121"port => "514"}}output {stdout {codec => "rubydebug"}}执行logstach运行syslog.conf的监测日志配置文件# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/syslog.conf重启以后就可以看到输出效果了,把这段代码分别添加到all.conf中input中加入syslog {type => "system-syslog"host => "192.168.1.121"port => "514"}output中加入if [type] == "system-syslog" {elasticsearch {hosts => ["localhost:9200"]index => "system-syslog-%{+YYYY.MM.dd}"}}
kibana中添加system-syslog-*,查看显示效果
动态图添加效果展示
利用logstash做tcp的日志分析
安装nc服务# yum -y install nc编辑tcp.conf的配置文件# vim /etc/logstash/conf.d/tcp.conf输入以下内容input {tcp {host => "192.168.1.121"port => "6666"}}output {stdout {codec => "rubydebug"}}logstash执行tcp.conf配置文件在终端输入测试数据# nc 192.168.1.121 6666 < /etc/fstab显示测试数据的结果.......{"@timestamp" => 2017-05-24T06:45:25.387Z,"port" => 39212,"@version" => "1","host" => "192.168.1.121","message" => "# Created by anaconda on Mon May 15 00:38:20 2017"}{"@timestamp" => 2017-05-24T06:45:25.389Z,"port" => 39212,"@version" => "1","host" => "192.168.1.121","message" => "#"}.......# echo " 磨人小妖精,看俺老孙金箍棒 " | nc 192.168.1.121 6666{"@timestamp" => 2017-05-24T06:49:57.005Z,"port" => 39214,"@version" => "1","host" => "192.168.1.121","message" => " 磨人小妖精,看俺老孙金箍棒 "}
Kibana的安装及使用
安装kibana环境
官方安装手册:https://www.elastic.co/guide/en/kibana/current/install.html
下载kibana的tar.gz的软件包# wget https://artifacts.elastic.co/downloads/kibana/kibana-5.4.0-linux-x86_64.tar.gz解压kibana的tar包# tar -xzf kibana-5.4.0-linux-x86_64.tar.gz进入解压好的kibana# mv kibana-5.4.0-linux-x86_64 /usr/local创建kibana的软连接# ln -s /usr/local/kibana-5.4.0-linux-x86_64/ /usr/local/kibana编辑kibana的配置文件# vim /usr/local/kibana/config/kibana.yml修改配置文件如下,开启以下的配置server.port: 5601server.host: "0.0.0.0"elasticsearch.url: "http://192.168.1.121:9200"kibana.index: ".kibana"安装screen,以便于kibana在后台运行# yum -y install screen# screen# /usr/local/kibana/bin/kibana按住ctrl + a d关闭screen打开浏览器并设置对应的indexhttp://192.168.1.121:5601
设置完毕以后,点create创建
显示效果炫酷屌炸天呀~
来一发动态效果图
kibana创建视图
创建饼图
利用markdown创建联系人
Nginx独立ip访问的柱形图
Nginx页面访问次数统计
显示访问nginx的总次数
根据时间统计绘制波动图
把所有的独立视图放到一个dashboard中
实战篇
安装reids# yum install -y redis修改redis的配置文件# vim /etc/redis.conf修改内容如下daemonize yesbind 192.168.1.121启动redis服务# systemctl start redis测试redis的是否启用成功# redis-cli -h 192.168.1.121输入info如果有不报错即可192.168.1.121:6379> info# Serverredis_version:3.2.3redis_git_sha1:00000000....编辑配置redis-out.conf配置文件,把标准输入的数据存储到redis中# vim /etc/logstash/conf.d/redis-out.conf添加如下内容input {stdin {}}output {redis {host => "192.168.1.121"port => "6379"db => '6'data_type => "list"key => 'demo'}}运行logstash指定redis-out.conf的配置文件# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/redis-out.conf运行成功以后,在logstash中输入hello,redis开启另外一个终端链接,并进入到redis查看是否已经成功# redis-cli -h 192.168.1.121select 6keys *LINDEX demo -1redis返回的结果{\"@timestamp\":\"2017-05-24T11:51:15.067Z\",\"@version\":\"1\",\"host\":\"linux-node1\",\"message\":\"hello,redis\"}"编辑配置redis-in.conf配置文件,把reids的存储的数据输出到elasticsearch中# vim /etc/logstash/conf.d/redis-in.conf添加如下内容input {redis {host => "192.168.1.121"port => "6379"db => '6'data_type => "list"key => 'demo'}}output {elasticsearch {hosts => ["192.168.1.121:9200"]index => "redis-demo-%{+YYYY.MM.dd}"}}运行logstash指定redis-in.conf的配置文件# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/redis-in.conf把之前的all.conf的配置文件修改一下,变成所有的日志监控的来源文件都存放到redis中,然后通过redis在输出到elasticsearch中# cd /etc/logstash/conf.d/# cp all.conf shipper.conf更改为如下input {syslog {type => "system-syslog"host => "192.168.1.121"port => "514"}file {path => "/var/log/messages"type => "system"start_position => "beginning"}file {path => "/var/log/elasticsearch/demon.log"type => "es-error"start_position => "beginning"codec => multiline {pattern => "^\["negate => "true"what => "previous"}}file {path => "/var/log/nginx/access_json.log"codec => jsontype => "nginx-log"start_position => "beginning"}}output {if [type] == "system" {redis {host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'system'}}if [type] == "es-error" {redis {host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'es-error'}}if [type] == "nginx-log" {redis {host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'nginx-log'}}if [type] == "system-syslog" {redis {host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'system-syslog'}}}运行logstash指定shipper.conf的配置文件# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/shipper.conf开启另外一个终端运行redis-cli# redis-cli -h 192.168.1.121redis中已有数据192.168.1.121:6379> select 6OK192.168.1.121:6379[6]> keys *1) "system"2) "es-error"3) "nginx-log"把redis中的数据读取出来,写入到elasticsearch中(需要另外一台主机做实验 ip地址[192.168.1.120])编辑配置文件shipper.conf [192.168.1.120]上操作# vim /etc/logstash/conf.d/shipper.conf添加如下内容input {redis {type => "system"host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'system'}redis {type => "es-error"host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'es-error'}redis {type => "nginx-log"host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'nginx-log'}redis {type => "system-syslog"host => "192.168.1.121"port => "6379"db => "6"data_type => "list"key => 'system-syslog'}}output {if [type] == "system" {elasticsearch {hosts => ["192.168.1.121:9200"]index => "system-%{+YYYY.MM.dd}"}}if [type] == "es-error" {elasticsearch {hosts => ["192.168.1.121:9200"]index => "es-error-%{+YYYY.MM.dd}"}}if [type] == "nginx-log" {elasticsearch {hosts => ["192.168.1.121:9200"]index => "nginx-log-%{+YYYY.MM.dd}"}}if [type] == "system-syslog" {elasticsearch {hosts => ["192.168.1.121:9200"]index => "system-syslog-%{+YYYY.MM.dd}"}}}注意:input是从192.168.1.121的redis中获取数据的output是同样也保存到192.168.1.121中的elasticsearch中,如果要保存到当前的主机上,可以把output中的hosts修改成localhost,如果还需要在kibana中显示,需要在本机上部署kabana,为何要这样做,起到一个松耦合的目的192.168.1.121主机上运行logstash命令,用于把数据保存到redis数据库# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/shipper.conf192.168.1.120主机上运行logstash命令,用于从数据库中读取数据并输出给elasticsearch# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/shipper.conf
上线ELK
1. 日志分类系统日志 rsyslog logstash syslog插件访问日志 nginx logstash codec json错误日志 file logstash mulitline运行日志 file logstash codec json设备日志 syslog logstash syslog插件Debug日志 file logstash json 或者 mulitline2. 日志标准化路径 固定格式 尽量json3. 系统个日志开始-->错误日志-->运行日志-->访问日志
未完待续....
ELK快速部署及使用~的更多相关文章
- Docker环境 ELK 快速部署
Docker环境 ELK快速部署 环境 Centos 7.4 , Docker version 17.12 Docker至少3GB内存: #内核配置 echo ' vm.max_map_count = ...
- ES快速开发,ElasticsearchRestTemplate基本使用以及ELK快速部署
最近博主有一些elasticsearch的工作,所以更新的慢了些,现在就教大家快速入门,并对一些基本的查询.更新需求做一下示例,废话不多说开始: 1. ES快速上手 es下载:[https://ela ...
- 使用Docker快速部署ELK分析Nginx日志实践(二)
Kibana汉化使用中文界面实践 一.背景 笔者在上一篇文章使用Docker快速部署ELK分析Nginx日志实践当中有提到如何快速搭建ELK分析Nginx日志,但是这只是第一步,后面还有很多仪表盘需要 ...
- ELK快速入门(一)基本部署
ELK快速入门一-基本部署 ELK简介 什么是ELK?通俗来讲,ELK是由Elasticsearch.Logstash.Kibana 三个开源软件组成的一个组合体,这三个软件当中,每个软件用于完成不同 ...
- 使用Docker快速部署ELK分析Nginx日志实践
原文:使用Docker快速部署ELK分析Nginx日志实践 一.背景 笔者所在项目组的项目由多个子项目所组成,每一个子项目都存在一定的日志,有时候想排查一些问题,需要到各个地方去查看,极为不方便,此前 ...
- ELK快速入门(二)通过logstash收集日志
ELK快速入门二-通过logstash收集日志 说明 这里的环境接着上面的ELK快速入门-基本部署文章继续下面的操作. 收集多个日志文件 1)logstash配置文件编写 [root@linux-el ...
- ELK快速入门(三)logstash收集日志写入redis
ELK快速入门三-logstash收集日志写入redis 用一台服务器部署redis服务,专门用于日志缓存使用,一般用于web服务器产生大量日志的场景. 这里是使用一台专门用于部署redis ,一台专 ...
- ELK快速入门(五)配置nginx代理kibana
ELK快速入门五-配置nginx代理kibana 由于kibana界面默认没有安全认证界面,为了保证安全,通过nginx进行代理并设置访问认证. 配置kibana [root@linux-elk1 ~ ...
- Linux上oracle精简版客户端快速部署
RHEL6 + Oracle 11g客户端快速部署 需求:只是用到客户端的sqlplus, sqlldr功能. 方案:用精简版实现客户端的快速部署 1.上传oracle精简版客户端到服务器/tmp目录 ...
随机推荐
- ajax 防止重复提交
参考链接:http://www.hollischuang.com/archives/931 http://blog.csdn.net/everything1209/article/details/52 ...
- MariaDB与MySQL
一.MariaDB安装部署 tar zxvf mariadb-5.5.31-linux-x86_64.tar.gz mv mariadb-5.5.31-linux-x86_64 /usr/local/ ...
- Problem 2285 迷宫寻宝 (BFS)
题目链接:http://acm.fzu.edu.cn/problem.php?pid=2285 Problem 2285 迷宫寻宝 Accept: 323 Submit: 1247Time Li ...
- Oracle 12c 单实例安装
准备工作 实验环境:Redhat 6.6 Oracle 12c 12.2.0.1 1.官网下载 https://www.oracle.com/technetwork/database/enterp ...
- MongoDB --- 02. 基本操作,增删改查,数据类型,比较符,高级用法,pymongo
一.基本操作 . mongod 启动服务端 2. mongo 启动客户端 3. show databses 查看本地磁盘的数据库 4. use 库名 切换到要使用的数据库 5. db 查看当前使用的数 ...
- vue filters中使用data中数据
vue filters中 this指向的不是vue实例,但想要获取vue实例中data中的数据,可以采用下面方法.在 beforeCreate中将vue实例赋值给全局变量app0,然后filters中 ...
- css中绝对定位和相对定位的区别
先说个技巧一般用:子绝父相,即相对定位是给父级的,绝对定位的时候是给子级的. 一:绝对定位 position: absolute;绝对定位:绝对定位是相对于元素最近的已定位的祖先元素(即是设置了绝对定 ...
- Java基础知识盘点(二)- 集合篇
List和Set区别 List和Set都是继承Collection接口 List特点:元素有放入顺序,元素可重复 Set特点:元素无放入顺序,元素不可重复 Set和List对比: Set:检索元素效率 ...
- shell date命令
date命令的语法结构: date [-d][时间运算] [+FORMAT] 先说简单的,[+FORMAT] 部分,主要有如下输出格式: 时间方面: %H : 小时(00..23) %I : 小时(0 ...
- Java中的集合类,集合类有哪些,如何增添删除元素,如何遍历
http://www.cnblogs.com/LittleHann/p/3690187.html import java.util.*; public class TestCollection { p ...