windows 安装ELK日志系统

ELK是ElasticSearch、Logstash、Kibana简写
Logstash:能够进行日志采集、转换和传输数据
Elasticsearch:可以进行快速搜索日志引擎
Kibana:主要用于web页面展示

一、Elasticsearch

官网:https://www.elastic.co/cn/products/elasticsearch
下载:https://www.elastic.co/cn/downloads/elasticsearch
windows下载:https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.10.1-windows-x86_64.zip

下载较慢,百度云链接:https://pan.baidu.com/s/1ntzfAZlc2HVenRCknsFlXg 提取码:rciq

安装包解压后,
进入bin文件夹,双击 elasticsearch.bat

浏览地址:http://localhost:9200 启动成功出现下面页面

在这里插入图片描述

二、Logstash

官网:https://www.elastic.co/cn/products/logstash
下载:https://www.elastic.co/cn/downloads/logstash
windows下载:https://artifacts.elastic.co/downloads/logstash/logstash-7.10.1-windows-x86_64.zip

下载较慢,百度云链接:https://pan.baidu.com/s/1oNXgYyrrc-18KoKD1JzsLQ 提取码:gwn7

(1) 解压文件夹后,进入bin目录:当不存在logstash.conf文件时,新建logstash.conf, 基础logstash.conf的配置

input {
  #日志采集输入配置,可配置多个输入
  #参考 https://www.elastic.co/guide/en/logstash/current/plugins-inputs-elasticsearch.html
  tcp {
    mode => "server"
    host => "0.0.0.0"        # 0.0.0.0 允许任意主机发送日志, 主机可以是IP,HOST,IP:port或HOST:port。端口默认为9200。
    type => "order-server"     # 区分每个输入源-订单服务
    port => 2222               # 输入源的端口号
    codec => json_lines        # 数据格式
  }
  tcp {
    mode => "server"
    host => "0.0.0.0"
    type => "goods-server"
    port => 2223
    codec => json_lines
  }

}
filter {
  #Only matched data are send to output.
}
output {
  #日志输出配置,可配置多个输出
  #参考: https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html
  if [type] == "order-server" {
    elasticsearch {
      action => "index"                   # 输出时创建映射
      hosts  => "http://localhost:9200"   # ElasticSearch 的地址和端口
      index  => "order-server"            # 指定索引名
      codec  => "json"
     }
  }

  if [type] == "goods-server" {
    elasticsearch {
      action => "index"                   #The operation on ES
      hosts  => "http://localhost:9200"   #ElasticSearch host, can be array.
      index  => "goods-server"            #The index to write data to.
      codec  => "json"
     }
  }
}

input → filter → output。是一个收集,过滤,转发日志的过程

(2) cmd进入解压后文件夹:

cd C:\Users\Administrator\Downloads\logstash-7.10.1-windows-x86_64\logstash-7.10.1\bin

(3) 执行运行:

logstash -f logstash.conf

浏览地址:http://localhost:9600/
在这里插入图片描述

三、Kibana

官网:https://www.elastic.co/cn/products/kibana
下载:https://www.elastic.co/cn/downloads/kibana
windows下载:https://artifacts.elastic.co/downloads/kibana/kibana-7.10.1-windows-x86_64.zip

下载较慢,百度云链接:https://pan.baidu.com/s/1Xaw-7kzO60xjmJ1fb_e9IA 提取码:18q6

进入解压后文件夹bin:
双击kibana.bat

浏览地址:http://localhost:5601/
在这里插入图片描述

posted @ 2021-01-29 15:14  预立科技  阅读(24)  评论(0编辑  收藏  举报