ELK 部署

一、 下载源码包

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.11.2-linux-x86_64.tar.gz --no-check-certificate
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.11.2-linux-x86_64.tar.gz --no-check-certificate
wget https://artifacts.elastic.co/downloads/logstash/logstash-7.11.2-linux-x86_64.tar.gz --no-check-certificate
wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.12.0-linux-x86_64.tar.gz --no-check-certificate
wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.12.0-windows-x86_64.zip --no-check-certificate

 

二、 解压到/usr/local/elk/

 

 

三、 创建用户elk用以启动

useradd elk
chown -R elk:elk /usr/local/elk/

 

四、 修改相关内核参数

cat /etc/security/limits.conf |grep -v "^#"
*                soft    nproc           65536
*                hard    nproc           65536
*                soft    nofile          65536
*                hard    nofile          65536

cat /etc/sysctl.conf | grep -v "^#"
vm.max_map_count=262144

 

五、配置 elasticsearch

cat config/elasticsearch.yml |grep -v "^#"
node.name: node-1
path.data: /usr/local/elk/elasticsearch/data
path.logs: /usr/local/elk/elasticsearch/logs
network.host: 192.168.199.209
http.port: 9200
cluster.initial_master_nodes: ["node-1"]
index.store.type: niofs

 

六、 elasticsearch 启动、测试:

    启动

/usr/local/elk/elasticsearch/bin/elasticsearch -d

    测试:

curl http://192.168.199.209:9200
>

{

  "name" : "node-1",

  "cluster_name" : "elasticsearch",

  "cluster_uuid" : "dnOzCDjyReuF-1y9qznlyA",

  "version" : {

    "number" : "7.11.2",

    "build_flavor" : "default",

    "build_type" : "tar",

    "build_hash" : "3e5a16cfec50876d20ea77b075070932c6464c7d",

    "build_date" : "2021-03-06T05:54:38.141101Z",

    "build_snapshot" : false,

    "lucene_version" : "8.7.0",

    "minimum_wire_compatibility_version" : "6.8.0",

    "minimum_index_compatibility_version" : "6.0.0-beta1"

  },

  "tagline" : "You Know, for Search"

}

 

七、 配置 kibana

cat config/kibana.yml |grep -v "^#" |sed '/^$/d'
>
server.port: 5601
server.host: "192.168.199.209"
elasticsearch.hosts: ["http://192.168.199.209:9200"]
elasticsearch.username: "admin"
elasticsearch.password: "hcs123"
logging.dest: /usr/local/elk/kibana/logs/kibana.log

# 创建日志目录及日志文件
mkdir /usr/local/elk/kibana/logs/
touch /usr/local/elk/kibana/logs/kibana.log

 

八、 kibana 启动、测试:

        启动:

/usr/local/elk/kibana/bin/kibana &

        测试:

                 web访问 5601端口 

 

九、 配置 logstash 

         修改 config/logstash

         主要涉及 INPUT、FILTER、OUPUT 三块,按需配置

 

十、 启动 logstash

/usr/local/elk/logstash/bin/logstash -f /usr/local/elk/logstash/config/logstash.conf --config.reload.automatic 2>&1
posted @ 2022-05-06 10:12  ヾ(o◕∀◕)ノヾ  阅读(49)  评论(0编辑  收藏  举报