Docker搭建ELK的javaweb应用日志收集存储分析系统
1.启动elasticsearch
docker run -d --name myes -p 9200:9200 elasticsearch:2.3
2.启动kibana
docker run --name mykibana -e ELASTICSEARCH_URL=http://118.184.66.215:9200 -p 5601:5601 -d kibana:4.5
3.logstash配置文件
vim /etc/logstash/logstash.conf
input {
log4j {
mode => "server"
host => "0.0.0.0"
port => 3456
type => "log4j"
}
}
output {
elasticsearch { hosts => ["118.184.66.215"] }
}
4.启动logstash
docker run -d -v "$PWD":/etc/logstash -p 3456:3456 logstash:2.3 logstash -f /etc/logstash/logstash.conf
5.web应用log4j日志TCP输出
log4j.rootLogger = DEBUG,tcp
log4j.appender.tcp=org.apache.log4j.net.SocketAppender
log4j.appender.tcp.Port=3456
log4j.appender.tcp.RemoteHost=118.184.66.215
log4j.appender.tcp.ReconnectionDelay=10000
log4j.appender.tcp.Application=job