既有适合小白学习的零基础资料,也有适合3年以上经验的小伙伴深入学习提升的进阶课程,涵盖了95%以上软件测试知识点,真正体系化!
由于文件比较多,这里只是将部分目录截图出来,全套包含大厂面经、学习笔记、源码讲义、实战项目、大纲路线、讲解视频,并且后续会持续更新
failovermethod=priority
baseurl=http://mirrors.cloud.aliyuncs.com/centos/
r
e
l
e
a
s
e
v
e
r
/
o
s
/
releasever/os/
releasever/os/basearch/
gpgcheck=1
gpgkey=http://mirrors.cloud.aliyuncs.com/centos/RPM-GPG-KEY-CentOS-7
[updates]
name=CentOS-
r
e
l
e
a
s
e
v
e
r
e
n
a
b
l
e
d
=
1
f
a
i
l
o
v
e
r
m
e
t
h
o
d
=
p
r
i
o
r
i
t
y
b
a
s
e
u
r
l
=
h
t
t
p
:
/
/
m
i
r
r
o
r
s
.
c
l
o
u
d
.
a
l
i
y
u
n
c
s
.
c
o
m
/
c
e
n
t
o
s
/
releasever enabled=1 failovermethod=priority baseurl=http://mirrors.cloud.aliyuncs.com/centos/
releaseverenabled=1failovermethod=prioritybaseurl=http://mirrors.cloud.aliyuncs.com/centos/releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.cloud.aliyuncs.com/centos/RPM-GPG-KEY-CentOS-7
[extras]
name=CentOS-
r
e
l
e
a
s
e
v
e
r
e
n
a
b
l
e
d
=
1
f
a
i
l
o
v
e
r
m
e
t
h
o
d
=
p
r
i
o
r
i
t
y
b
a
s
e
u
r
l
=
h
t
t
p
:
/
/
m
i
r
r
o
r
s
.
c
l
o
u
d
.
a
l
i
y
u
n
c
s
.
c
o
m
/
c
e
n
t
o
s
/
releasever enabled=1 failovermethod=priority baseurl=http://mirrors.cloud.aliyuncs.com/centos/
releaseverenabled=1failovermethod=prioritybaseurl=http://mirrors.cloud.aliyuncs.com/centos/releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.cloud.aliyuncs.com/centos/RPM-GPG-KEY-CentOS-7
4.5、清理开机自启动服务
for i in chkconfig --list|grep 3:on |awk '{print $1}'
;do chkconfig$i off;done
for i in crond network rsyslog sshd;do chkconfig --level 3 $ion;done
chkconfig --list|grep 3:on
4.6、服务器时间同步
echo ‘*/5 * * * * /usr/sbin/ntpdate time.windows.com > /dev/null2>&1’ >>/var/spool/cron/root
4.7、加大文件描述符
echo ‘* - nofile 65535’ >> /etc/security/limits.conf
tail -1 /etc/security/limits.conf
#重新登陆后生效(无需重启)
ulimit -n(重新登陆后查看)
4.8、内核参数调优(可不操作)
\cp /etc/sysctl.conf /etc/sysctl.conf.bak
cat>>/etc/sysctl.conf<<EOF
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout=1
net.ipv4.tcp_keepalive_time=1200
net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.ip_local_port_range = 1024 65535
EOF
/sbin/sysctl -p
## 五、部署开始
5.1、更改nginx日志输出格式
5.1.1、定义日志格式
cat /etc/nginx/nginx.conf
log_format main '$remote_addr -
r
e
m
o
t
e
_
u
s
e
r
[
remote\_user [
remote_user[time_local]“KaTeX parse error: Double superscript at position 12: request" ' '̲status
b
o
d
y
_
b
y
t
e
s
_
s
e
n
t
"
body\_bytes\_sent "
body_bytes_sent"http_referer” ’
‘“
h
t
t
p
_
u
s
e
r
_
a
g
e
n
t
"
"
http\_user\_agent" "
http_user_agent""http_x_forwarded_for”’;
5.1.2、加载日志格式到对应域名配置中
cat /etc/nginx/conf.d/vhost/api.mingongge.com.cn.conf
server {
listen 80;
server_name newtest-msp-api.mingongge.com.cn;
access_log /var/log/nginx/api.mingongge.com.cn.log main;
}
5.1.3、reload生效
nginx -s reload
5.1.4、清空原输出文件,并查看输出的日志格式
:> /var/log/nginx/api.mingongge.com.cn.log
tailf /var/log/nginx/api.mingongger.com.cn.log
1xx.2xx.72.175 - - [18/Mar/2019:13:51:17 +0800] “GET/user/fund/113 HTTP/1.1” 200 673 “-” “Mozilla/5.0 (WindowsNT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) sun/1.5.6 Chrome/69.0.3497.106Electron/4.0.3 Safari/537.36” “-”
**5.2、配置kafka**
测试环境使用docker起的kafka,kafka部署掠过,以下任选一种
**5.2.1、方法一 创建kafka topic**
./kafka-topics.sh --create --topic nginxlog --replication-factor 1–partitions 1 --zookeeper localhost:2181
5.2.2、方法二
auto.create.topics.enable=true
开启kafka自动创建topic配置
5.2.3、filebeat部署完成后确认kafka topic中有数据
./kafka-console-consumer.sh --bootstrap-server 192.168.0.53:9091–from-beginning --topic nginxlog
输出如下
{“@timestamp”:“2019-03-14T07:16:50.140Z”,“@metadata”:{“beat”:“filebeat”,“type”:“doc”,“version”:“6.3.2”,“topic”:“nginxlog”},“fields”:{“log_topics”:“nginxlog”},“beat”:{“version”:“6.3.2”,“name”:“test-kafka-web”,“hostname”:“test-kafka-web”},“host”:{“name”:“test-kafka-web”},“source”:“/var/log/nginx/newtest-msp-api.mingongge.com.cn-80.log”,“offset”:114942,“message”:“116.226.72.175- - [14/Mar/2019:15:16:49 +0800] newtest-msp-api.mingongge.com.cn POST”/upstream/page" “-” 200 6314"http://newtest-msp-crm.mingongge.com.cn/" 200 192.168.0.49:60070.024 0.024 “Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36"”-“”}
Processed a total of 7516 messages
测试环境中kafka地址为
>
> 192.168.0.53:9091
>
>
>
## 5.3、配置filebeat收集nginx日志
5.3.1、安装filebeat
cd /opt/ && wget http://download.mingongge.com.cn/download/software/filebeat-6.3.2-x86_64.rpm
yum localinstall filebeat-6.3.2-x86_64.rpm -y
5.3.2、编辑配置文件
cat /etc/filebeat/filebeat.yml
filebeat.prospectors:
- input_type: log
enabled: true
paths: - /var/log/nginx/api.mingongge.com.cn.log#收集日志路径
fields:
log_topics: nginxlog #kafka中topic名称
json.keys_under_root: true
json.overwrite_keys: true
output.kafka:
enabled: true
hosts:[“192.168.0.53:9091”] #kafka地址
topic:‘%{[fields][log_topics]}’ #kafka中topic名称
partition.round_robin:
reachable_only: false
compression: gzip
max_message_bytes: 1000000
required_acks: 1
5.3.3、启动filebeat& 开机启动
systemctl start filebeat
systemctl enable filebeat
## 5.4、配置logstash
5.4.1 编辑配置
cat /usr/local/logstash/config/nginx.conf
input {
kafka {
type =>“nginxlog”
topics =>[“nginxlog”]
bootstrap_servers=> [“192.168.0.53:9091”]
group_id =>“nginxlog”
auto_offset_reset=> latest
codec =>“json”
}
}
filter {
if [type] == “nginxlog”{
grok {
match => {“message” => “%{COMBINEDAPACHELOG}” }
remove_field =>“message”
}
date {
match => [“timestamp” , “dd/MMM/YYYY:HH:mm:ss Z” ]
}
geoip {
source =>“clientip”
target =>“geoip”
database =>“/usr/local/logstash/config/GeoLite2-City.mmdb”
add_field => [“[geoip][coordinates]”, “%{[geoip][longitude]}” ] #添加字段coordinates,值为经度
add_field => [“[geoip][coordinates]”, “%{[geoip][latitude]}” ] #添加字段coordinates,值为纬度
}
mutate {
convert => [“[geoip][coordinates]”, “float”]
}
useragent {
source =>“agent”
target =>“userAgent”
}
}
}
output {
if [type] == ‘nginxlog’ {
elasticsearch {
hosts =>[“http://192.168.0.48:9200”]
index =>“logstash-nginxlog-%{+YYYY.MM.dd}”
}
stdout {codec =>rubydebug}
}
}
5.4.2、使用配置文件启动logstash服务,观察输出
/usr/local/logstash/bin/logstash -f nginx.conf
{
“httpversion”=> “1.1”,
“verb” =>“GET”,
“auth”=> “-”,
“@timestamp”=> 2019-03-18T06:41:27.000Z,
“type”=> “nginxlog”,
“json”=> {},
“source”=> “/var/log/nginx/newtest-msp-api.mingongge.com.cn-80.log”,
“fields” =>{
“log_topics”=> “nginxlog”
},
“response”=> “200”,
“offset”=> 957434,
“host”=> {
“name” =>“test-kafka-web”
},
“beat”=> {
“hostname”=> “test-kafka-web”,
“version”=> “6.3.2”,
“name”=> “test-kafka-web”
},
“bytes”=> “673”,
“request”=> “/user/fund/113”,
“timestamp”=> “18/Mar/2019:14:41:27 +0800”,
“referrer”=> “”-“”,
“userAgent”=> {
“os”=> “Windows”,
“major” => “4”,
“patch”=> “3”,
“build”=> “”,
“minor”=> “0”,
“os_name”=> “Windows”,
“device”=> “Other”,
“name”=> “Electron”
},
“geoip”=> {
“ip” => “1xx.2xx.72.175”,
“country_name” => “China”,
“coordinates” => [
[0] 121.4012,
[1] 31.0449
],
“region_name” => “Shanghai”,
“location” => {
“lat”=> 31.0449,
“lon”=> 121.4012
},
“continent_code” => “AS”,
“timezone” => “Asia/Shanghai”,
“longitude” => 121.4012,
“city_name” => “Shanghai”,
“country_code2” => “CN”,
“region_code” => “SH”,
“latitude” => 31.0449,
“country_code3” => “CN”
},
“@version”=> “1”,
“clientip”=> “1xx.2xx.72.175”,
“ident”=> “-”,
“agent”=> "“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) sun/1.5.6 Chrome/69.0.3497.106 Electron/4.0.3Safari/537.36"”
}
5.4.3、后台启动logstash
确认出现以上输出后,将logstash分离出当前shell,并放在后台运行
nohup /usr/local/logstash/bin/logstash -f nginx.conf &>/dev/null &
## 5.5、kibana配置
5.5.1、修改kibana配置
/usr/local/kibana-6.5.4-linux-x86_64/config/kibana.yml #增加高德地图
tilemap.url:‘http://webrd02.is.autonavi.com/appmaptile?lang=zh_cn&size=1&scale=1&style=7&x={x}&y={y}&z={z}’
5.5.2、创建Index Pattern
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172221272.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172229928.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
**5.5.3、IP访问TOP5**
选择柱形图
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172256668.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
添加X轴,以geoip.ip为order by字段
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172309189.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
**5.5.4 、PV**
选择metric
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172321998.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
默认统计总日志条数,即为PV数
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172340968.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
**5.5.5、全球访问地图**
选择map
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172358400.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
Field选择geoip.location
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172412621.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
选择添加高德地图
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111172424977.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
**5.5.6、实时流量**
选择线条图
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174146586.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174155518.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
5.5.7、操作系统
选择饼图
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174205907.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174217215.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
5.5.8、登陆次数
过滤login关键字,并做count统计
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174229155.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
5.5.9、访问地区
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174254517.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
5.5.10、Dashboard展示
* IP访问Top5:每日客户端IP请求数最多的前五个(可分析出攻击者IP)
* PV:每日页面访问量
* 全球访问图:直观的展示用户来自哪个国家哪个地区
* 实时流量:根据@timestamp字段来展示单位时间的请求数(可根据异常峰值判断是否遭遇攻击)
* 操作系统:展示客户端所用设备所占比重
* 登陆次数:通过过滤request中login的访问记录,粗略估算出进行过登陆的次数
* 访问地区:展示访问量最多的国家或地区
* 需展示其他指标,可进行自由发挥
![在这里插入图片描述](https://img-blog.csdnimg.cn/20201111174310757.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
![img](https://img-blog.csdnimg.cn/img_convert/6c1285a77165e6bbb967daefa6519207.png)
![img](https://img-blog.csdnimg.cn/img_convert/8d56f470fe521e47a49d9abb41b684c8.png)
![img](https://img-blog.csdnimg.cn/img_convert/1614be96f36bdf16017192a49d88f442.png)
**既有适合小白学习的零基础资料,也有适合3年以上经验的小伙伴深入学习提升的进阶课程,涵盖了95%以上软件测试知识点,真正体系化!**
**由于文件比较多,这里只是将部分目录截图出来,全套包含大厂面经、学习笔记、源码讲义、实战项目、大纲路线、讲解视频,并且后续会持续更新**
**[需要这份系统化的资料的朋友,可以戳这里获取](https://bbs.csdn.net/forums/4f45ff00ff254613a03fab5e56a57acb)**
text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzQwOTA3OTc3,size_16,color_FFFFFF,t_70#pic_center)
[外链图片转存中...(img-SufALBse-1715550159410)]
[外链图片转存中...(img-yoP0Uvgt-1715550159410)]
[外链图片转存中...(img-VG9AyyRg-1715550159411)]
**既有适合小白学习的零基础资料,也有适合3年以上经验的小伙伴深入学习提升的进阶课程,涵盖了95%以上软件测试知识点,真正体系化!**
**由于文件比较多,这里只是将部分目录截图出来,全套包含大厂面经、学习笔记、源码讲义、实战项目、大纲路线、讲解视频,并且后续会持续更新**
**[需要这份系统化的资料的朋友,可以戳这里获取](https://bbs.csdn.net/forums/4f45ff00ff254613a03fab5e56a57acb)**