centos 7 EFK安装部署监控nginx

本文档详述了如何在CentOS 7系统上安装并配置EFK(Elasticsearch、Fluentd、Kibana)监控工具,以监控Nginx的日志。首先,通过链接分别介绍了安装Kafka、Filebeat的步骤,接着重点讲述了安装ELK(Elasticsearch、Logstash、Kibana)的过程,并提及了在部署过程中,需要对Filebeat和Nginx配置文件进行相应的调整。
摘要由CSDN通过智能技术生成

搭建EFK架构
安装kafka:
https://blog.csdn.net/RoninLJH/article/details/107028599
安装filebeat:
https://blog.csdn.net/RoninLJH/article/details/107111943
安装ELK:
https://blog.csdn.net/RoninLJH/article/details/107006273

需要修改filebeat

[root@kafka01 ~]# vim /etc/filebeat/filebeat.yml
filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /var/log/messages
  fields:
    log_topics: messages
####
- type: log
  enabled: true
  paths:
    - /var/log/nginx/access.log
  fields:
    log_topics: nginx
output.kafka:
  enabled: true
  hosts: ["192.168.33.143:9092","192.168.33.144:9092","192.168.33.145:9092"]
  topic: '%{[fields][log_topics]}'

需要修改nginx.conf

[root@kafka01 ~]# vim /etc/logstash/conf.d/nginx.conf
input {
        kafka{
        bootstrap_servers => ["192.168.33.143:9092,192.168.33.144:9092,192.168.33.145:9092"]
        group_id => "logstash"
        topics => "nginx"
         consumer_threads => 5
        }
}
filter {
        json {
                source => "message"
        }
        mutate {
                remove_field => ["fields","prospector","host","log"]
        }
        grok {
                match => {"message" => "%{NGINXACCESS}"}
        }
}
output {
        elasticsearch {
                hosts => "192.168.33.144:9200"
                index => "nginx_log-%{+YYYY.MM.dd}"
        }
#       stdout {
#               codec => rubydebug
#       }
}
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值