ELK环境搭建之安装-filebeat-7.6.1

最新推荐文章于 2024-05-18 08:00:00 发布

Java般若生

最新推荐文章于 2024-05-18 08:00:00 发布

阅读量1.6k

点赞数

分类专栏： ELK

本文链接：https://blog.csdn.net/linpxing1/article/details/105872791

版权

ELK 专栏收录该内容

7 篇文章 2 订阅

订阅专栏

查看linux服务器信息

[root@linux-node2 ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@linux-node2 ~]# uname -r
2.6.32-573.el6.x86_64

1,下载安装包

2，解压文件

[es@linux-node2 ~]# tar -xvf filebeat-7.6.1.tar.gz

[es@linux-node2 ~]# ln -s filebeat

3，修改配置文件

vim filebeat.yml

###################### Filebeat Configuration Example #########################

#=========================== Filebeat inputs =============================

filebeat.inputs:

# Each – is an input. Most options can be set at the input level, so
# you can use different inputs for various configurations.
# Below are the input specific configurations.

– type: log

# Change to true to enable this input configuration.
enabled: true

# Paths that should be crawled and fetched. Glob based paths.
paths:
– /app/file/logs/*/*.txt
#- c:\programdata\elasticsearch\logs\*

#============================= Filebeat modules ===============================

filebeat.config.modules:
# Glob pattern for configuration loading
path: ${path.config}/modules.d/*.yml

# Set to true to enable config reloading
reload.enabled: true

#==================== Elasticsearch template setting ==========================

setup.template.settings:
index.number_of_shards: 1
#index.codec: best_compression
#_source.enabled: false

#—————————– Logstash output ——————————–
output.logstash:
# The Logstash hosts
hosts: [“192.168.9.93:5044”]

# Optional SSL. By default is off.
# List of root certificates for HTTPS server verifications
#ssl.certificate_authorities: [“/etc/pki/root/ca.pem”]

# Certificate for SSL client authentication
#ssl.certificate: “/etc/pki/client/cert.pem”

# Client Certificate Key
#ssl.key: “/etc/pki/client/cert.key”

#================================ Logging =====================================

# Sets log level. The default log level is info.
# Available log levels are: error, warning, info, debug
#logging.level: debug

# At debug level, you can selectively enable logging only for some components.
# To enable all selectors use [“*”]. Examples of other selectors are “beat”,
# “publish”, “service”.
#logging.selectors: ["*"]

：wq

4,切换es用户

[root@linux-node2 ~]#  su es

5,后台启动

[es@linux-node2 ~]# nohup ./filebeat -c filebeat.yml -e > logs/filebeat.log 2>&1 &

注意，前提是logstash已启动，不然会一直报错的！

本配置只监控，一文件夹下的的文件变动，并将数据传输至logstash

如果需要传输给kafaka,elastisearch 请参照官方文档
www.elastic.co
guide/en/beats/filebeat/7.5/filebeat-getting-started.html

还可以直接监控以下文件
在这里插入图片描述

Java般若生

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
ELK环境搭建之安装-filebeat-7.6.1

查看linux服务器信息[root@linux-node2 ~]# cat /etc/redhat-releaseCentOS Linux release 7.5.1804 (Core)[root@linux-node2 ~]# uname -r2.6.32-573.el6.x86_641,下载安装包2，解压文件[es@linux-node2 ~]# tar -xvf filebe...
复制链接

扫一扫