Environment preparation
Server OS | CentOS 7.3 |
---|---|
Memory | 4G |
CPU | 2 cores |
IP address | 10.0.0.43 |
yum -y install ntpdate
ntpdate 0.cn.pool.ntp.org
rpm -ivh jdk-8u131-linux-x64_.rpm
rpm -ivh elasticsearch-6.6.0.rpm
rpm -ivh logstash-6.6.0.rpm
rpm -ivh kibana-6.6.0-x86_64.rpm
ulimit -n 65536
vim /etc/sysctl.conf
sysctl -p
vim /etc/elasticsearch/elasticsearch.yml
systemctl stop firewalld
setenforce 0
systemctl start elasticsearch
vim /etc/logstash/conf.d/system.conf
input {
  file {
    path => "/var/log/messages"
    type => "system-log"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => "127.0.0.1:9200"
    index => "system_log-%{+YYYY.MM.dd}"
  }
}
systemctl start logstash
chmod 644 /var/log/messages
ss -ntl |grep 9600
After waiting a few minutes, check whether port 9600 is listening. If it is not, check the log for errors:
tail -f /var/log/logstash/logstash-plain.log
Configure and start Kibana. Only the listen address and the Elasticsearch IP need to be configured here:
vim /etc/kibana/kibana.yml
systemctl start kibana
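
A post-install check for the steps above, added here as an example and not part of the original page: the procedure stops firewalld and shows no authentication being configured, so every listener not bound to loopback is reachable from the network, and this script classifies the stack's listeners from `ss -ntl` output. The port list assumes the stock defaults (9200/9300 Elasticsearch, 9600 Logstash, 5601 Kibana); the sample output and its bind addresses are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): classify ELK listeners.
# Assumed stock ports: 9200/9300 Elasticsearch, 9600 Logstash, 5601 Kibana.

# Constructed sample of `ss -ntl` output; bind addresses are assumptions.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    *:22                    *:*
LISTEN 0      128    ::ffff:127.0.0.1:9600   :::*
LISTEN 0      128    :::9200                 :::*
LISTEN 0      128    :::9300                 :::*
LISTEN 0      128    *:5601                  *:*'

# Reads `ss -ntl` output on stdin and prints "<port> <address> <scope>"
# for each listener on a stack port; scope is "loopback" or "exposed".
classify_listeners() {
  awk '
    $1 == "LISTEN" {
      local_addr = $4
      n = split(local_addr, parts, ":")
      port = parts[n]                      # port follows the last colon
      addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
      gsub(/^\[|\]$/, "", addr)            # newer ss prints [::1]:9200
      if (port !~ /^(9200|9300|9600|5601)$/) next
      scope = "exposed"
      if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./)
        scope = "loopback"
      print port, addr, scope
    }'
}

# Succeeds when the given stack port has a listener (stdin: ss output).
port_listening() {
  classify_listeners | grep -q "^$1 "
}

# Prints listeners reachable from other hosts; succeeds when there are none.
exposed_listeners() {
  ! classify_listeners | grep ' exposed$'
}

# Demonstration on the constructed sample.
# On the host itself, run: ss -ntl | classify_listeners
printf '%s\n' "$SAMPLE_SS" | classify_listeners
```

Any line marked `exposed` is a service to bind to a specific address, restrict with firewalld rules, or place behind authentication before the host is used beyond a lab.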