介绍 (Introduction)
The Elastic Stack — formerly known as the ELK Stack — is a collection of open-source software produced by Elastic which allows you to search, analyze, and visualize logs generated from any source in any format, a practice known as centralized logging. Centralized logging can be useful when attempting to identify problems with your servers or applications as it allows you to search through all of your logs in a single place. It’s also useful because it allows you to identify issues that span multiple servers by correlating their logs during a specific time frame.
Elastic Stack(以前称为ELK Stack )是Elastic产生的开源软件的集合,它使您可以搜索,分析和可视化从任何来源以任何格式生成的日志,这种做法称为集中式日志记录 。 集中式日志记录在尝试确定服务器或应用程序出现问题时非常有用,因为它使您可以在一个地方搜索所有日志。 它也很有用,因为它允许您通过在特定时间段内关联多个服务器的日志来识别跨越多个服务器的问题。
The Elastic Stack has four main components:
弹性堆栈具有四个主要组件:
Elasticsearch: a distributed RESTful search engine which stores all of the collected data.
Elasticsearch :分布式RESTful搜索引擎,用于存储所有收集的数据。
Logstash: the data processing component of the Elastic Stack which sends incoming data to Elasticsearch.
Logstash :Elastic Stack的数据处理组件,用于将传入的数据发送到Elasticsearch。
Kibana: a web interface for searching and visualizing logs.
Kibana :用于搜索和可视化日志的Web界面。
Beats: lightweight, single-purpose data shippers that can send data from hundreds or thousands of machines to either Logstash or Elasticsearch.
Beats :轻型,单一用途的数据发送器,可以将数百或数千台计算机中的数据发送到Logstash或Elasticsearch。
In this tutorial, you will install the Elastic Stack on an Ubuntu 20.04 server. You will learn how to install all of the components of the Elastic Stack — including Filebeat, a Beat used for forwarding and centralizing logs and files — and configure them to gather and visualize system logs. Additionally, because Kibana is normally only available on the localhost, we will use Nginx to proxy it so it will be accessible over a web browser. We will install all of these components on a single server, which we will refer to as our Elastic Stack server.
在本教程中,您将在Ubuntu 20.04服务器上安装Elastic Stack 。 您将学习如何安装Elastic Stack的所有组件,包括Filebeat (用于转发和集中化日志和文件的Beat),以及如何配置它们以收集和可视化系统日志。 另外,由于Kibana通常仅在localhost上可用,我们将使用Nginx对其进行代理,以便可以通过Web浏览器对其进行访问。 我们将所有这些组件安装在单个服务器上,我们将其称为Elastic Stack服务器 。
Note: When installing the Elastic Stack, you must use the same version across the entire stack. In this tutorial we will install the latest versions of the entire stack which are, at the time of this writing, Elasticsearch 7.7.1, Kibana 7.7.1, Logstash 7.7.1, and Filebeat 7.7.1.
注意 :安装弹性堆栈时,必须在整个堆栈中使用相同的版本。 在本教程中,我们将安装整个堆栈的最新版本,在撰写本文时,它们是Elasticsearch 7.7.1,Kibana 7.7.1,Logstash 7.7.1和Filebeat 7.7.1。
先决条件 (Prerequisites)
To complete this tutorial, you will need the following:
要完成本教程,您将需要以下内容:
An Ubuntu 20.04 server with 4GB RAM and 2 CPUs set up with a non-root sudo user. You can achieve this by following the Initial Server Setup with Ubuntu 20.04.For this tutorial, we will work with the minimum amount of CPU and RAM required to run Elasticsearch. Note that the amount of CPU, RAM, and storage that your Elasticsearch server will require depends on the volume of logs that you expect.
带有4GB RAM和2个CPU的Ubuntu 20.04服务器,使用非root用户sudo用户设置。 您可以通过遵循Ubuntu 20.04的初始服务器设置来实现。在本教程中,我们将使用运行Elasticsearch所需的最少CPU和RAM。 请注意,Elasticsearch服务器所需的CPU,RAM和存储量取决于所需的日志量。
OpenJDK 11 installed. See the section Installing the Default JRE/JDK How To Install Java with Apt on Ubuntu 20.04 to set this up.
已安装OpenJDK 11。 请参阅“ 在Ubuntu 20.04上 安装默认JRE / JDK 如何在Apt中安装Java”部分进行设置。
Nginx installed on your server, which we will configure later in this guide as a reverse proxy for Kibana. Follow our guide on How to Install Nginx on Ubuntu 20.04 to set this up.
Nginx安装在您的服务器上,我们将在本指南的后面部分将其配置为Kibana的反向代理。 按照我们的指南如何在Ubuntu 20.04上安装Nginx进行设置。
Additionally, because the Elastic Stack is used to access valuable information about your server that you would not want unauthorized users to access, it’s important that you keep your server secure by installing a TLS/SSL certificate. This is optional but strongly encouraged.
此外,由于Elastic Stack用于访问您不希望未经授权的用户访问的有关服务器的重要信息,因此,通过安装TLS / SSL证书来确保服务器的安全非常重要。 这是可选的,但强烈建议这样做 。
However, because you will ultimately make changes to your Nginx server block over the course of this guide, it would likely make more sense for you to complete the Let’s Encrypt on Ubuntu 20.04 guide at the end of this tutorial’s second step. With that in mind, if you plan to configure Let’s Encrypt on your server, you will need the following in place before doing so:
但是,由于您最终将在本指南的过程中对Nginx服务器块进行更改,因此,在本教程第二步结束时,完成“在Ubuntu 20.04上加密我们的加密”指南可能对您更有意义。 考虑到这一点,如果您打算在服务器上配置“让我们加密”,则需要先进行以下准备:
A fully qualified domain name (FQDN). This tutorial will use
your_domainthroughout. You can purchase a domain name on Namecheap, get one for free on Freenom, or use the domain registrar of your choice.完全限定的域名(FQDN)。 本教程将整个使用
your_domain。 你可以购买一个域名Namecheap ,免费获得一个在Freenom ,或使用你选择的域名注册商。Both of the following DNS records set up for your server. You can follow this introduction to DigitalOcean DNS for details on how to add them.
为服务器设置了以下两个DNS记录。 您可以按照DigitalOcean DNS简介进行操作,以获取有关如何添加它们的详细信息。
An A record with
your_domainpointing to your server’s public IP address.A记录,其中
your_domain指向服务器的公共IP地址。An A record with
www.your_domainpointing to your server’s public IP address.与
www. your_domain的A记录www. your_domainwww. your_domain指向服务器的公共IP地址。
步骤1 —安装和配置Elasticsearch (Step 1 — Installing and Configuring Elasticsearch)
The Elasticsearch components are not available in Ubuntu’s default package repositories. They can, however, be installed with APT after adding Elastic’s package source list.
Elasticsearch组件在Ubuntu的默认软件包存储库中不可用。 但是,可以在添加Elastic的软件包源列表之后将它们与APT一起安装。
All of the packages are signed with the Elasticsearch signing key in order to protect your system from package spoofing. Packages which have been authenticated using the key will be considered trusted by your package manager. In this step, you will import the Elasticsearch public GPG key and add the Elastic pa
最低0.47元/天 解锁文章
1821
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
