kibana图形使用(小节8)

最新推荐文章于 2024-09-01 10:08:26 发布

Soul_2016

最新推荐文章于 2024-09-01 10:08:26 发布

阅读量72

点赞数

本文链接：https://blog.csdn.net/Soul_2016/article/details/132971695

版权

highlight: a11y-dark

theme: juejin

kibana 画图功能详解

https://www.elastic.co/guide/cn/kibana/current/introduction.html

Kibana支持多重图从展示功能，需要日志是json格式的支持，具体如新：

web1(106)

软件包：access.log.zip

解压

js cd /usr/local/src/ unzip access.log.zip

追加

js cat access.log >> /var/log/access.log

图片.png

创建可视化

图片.png

面积图

面积图1.png

面积图2.png

面积图3.png

面积图4.png

面积图5.png

饼图

饼图1.png

饼图2.png

饼图3.png

饼图4.png

数据表

数据表1.png

数据表2.png

数据表3.png

垂直条形图

垂直条形图1.png

垂直条形图2.png

垂直条形图3.png

Markdown

仪表盘

仪表盘1.png

仪表盘2.png

仪表盘3.png

仪表盘4.png

页面共享

固定连接

固定连接2.png

嵌入代码

嵌入代码-1.png

嵌入代码-2.png

安装包：pycharm社区版、安装步骤参考

嵌入代码-3.png

嵌入代码-4.png

通过坐标地图统计客户IP所在城市

logstash103

安装包：GeoLite2-City

```js

上传文件后、解压缩

cd /etc/logstash/ tar xf GeoLite2-City_20191015.tar.gz ```

修改配置文件

在input{}和outpat{}中间添加了filter{}(15行信息)

```js vim /etc/logstash/conf.d/redis-to-es.conf input { redis { host => "192.168.37.104" port => "6379" password => "123456" key => "syslog-37-106" data_type => list db => 3 }

redis { host => "192.168.37.104" port => "6379" password => "123456" key => "syslog-37-107" data_type => list db => 3 }

redis { host => "192.168.37.104" port => "6379" password => "123456" key => "nginx-accesslog-37-106" data_type => list db => 3 }

redis { host => "192.168.37.104" port => "6379" password => "123456" key => "nginx-accesslog-37-107" data_type => list db => 3 } }

filter { if [fields][app] == "nginx-106" { geoip { source => "clientip" target => "geoip" #文件路径 database => "/etc/logstash/GeoLite2-City20191015/GeoLite2-City.mmdb" addfield => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ] add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ] } mutate { convert => [ "[geoip][coordinates]", "float"] } } }

output {

系统日志

if [fields][type] == "syslog-106" { elasticsearch { hosts => ["http://192.168.37.102:9200"] index => "filebeat-syslog-37-106-%{+YYYY.MM.dd}" }}

if [fields][type] == "syslog-107" { elasticsearch { hosts => ["http://192.168.37.102:9200"] index => "filebeat-syslog-37-107-%{+YYYY.MM.dd}" }}

nginx日志

if [fields][app] == "nginx-106" { elasticsearch { hosts => ["http://192.168.37.102:9200"] index => "logstash-nginx-accesslog-37-106-%{+YYYY.MM.dd}" }}

if [fields][app] == "nginx-107" { elasticsearch { hosts => ["http://192.168.37.102:9200"] index => "logstash-nginx-accesslog-37-107-%{+YYYY.MM.dd}" }} } ```

停服务

js systemctl stop logstash

检查文件是否报错

js /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/redis-to-es.conf -t

重启服务

js systemctl restart logstash

web1(106)

追加日志

js cat access.log >> /var/log/access.log

刷新一下刷新前 刷新前.png