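Building an ELK Log Monitoring System
I. Install Elasticsearch: https://es.xiaoleilu.com/index.html
1. Download the Elasticsearch installation file from the official download page: https://www.elastic.co/cn/downloads
2. Extract the Elasticsearch archive to the directory /opt/apps/elasticsearch
3. Elasticsearch reports an error when run as the root account, so create an account named elastic: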
groupadd elastic
useradd -g elastic elastic
chown -R elastic /opt/apps/elasticsearch
chgrp -R elastic /opt/apps/elasticsearch
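3. Elasticsearch depends on Java to run; if a JRE is not installed, install one.
4. Modify the system configuration:
4.1. vim /etc/sysctl.conf and add the following setting: vm.max_map_count=655360, then run the command: sysctl -p
4.2. vim /etc/security/limits.conf and add the following settings: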
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
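5. Start Elasticsearch (remember not to start it with the root account): /opt/apps/elasticsearch/elasticsearch/bin/elasticsearch &
6. After a successful start you can visit http://192.168.40.128:9200/. If the following content is displayed, ES has started successfully; if not, look for the error in the ES startup log.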
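A pre-start check for the settings from steps 3 to 5 above, as an added example that is not part of the original page: it reads sysctl.conf and limits.conf style files and compares them with the values this page configures. The function names and the --check switch are assumptions made for the example.

```shell
#!/usr/bin/env bash
# Added example: pre-start check for the settings in steps 3-5.
# Thresholds are the values this page configures; file paths are parameters.

# Print the last uncommented value of KEY in a sysctl.conf-style file.
sysctl_value() {  # usage: sysctl_value FILE KEY
  awk -F= -v k="$2" '
    /^[ \t]*[#;]/ { next }
    { key = $1; gsub(/[ \t]/, "", key) }
    key == k { val = $2; gsub(/[ \t]/, "", val) }
    END { if (val != "") print val }' "$1"
}

# Print the last "* TYPE ITEM VALUE" entry in a limits.conf-style file.
# Only the "*" domain is read, because that is the form this page uses.
limit_value() {  # usage: limit_value FILE TYPE ITEM
  awk -v t="$2" -v i="$3" '
    /^[ \t]*#/ { next }
    $1 == "*" && $2 == t && $3 == i { val = $4 }
    END { if (val != "") print val }' "$1"
}

# Succeed only if GOT is an integer >= WANT; report the failure otherwise.
at_least() {  # usage: at_least NAME GOT WANT
  case "$2" in ''|*[!0-9]*) echo "FAIL $1: not set" >&2; return 1 ;; esac
  [ "$2" -ge "$3" ] || { echo "FAIL $1: $2 < $3" >&2; return 1; }
}

# Check every item; return non-zero if any of them fails.
check_prereqs() {  # usage: check_prereqs UID SYSCTL_FILE LIMITS_FILE
  rc=0
  [ "$1" -ne 0 ] || { echo "FAIL user: do not start as root" >&2; rc=1; }
  at_least vm.max_map_count "$(sysctl_value "$2" vm.max_map_count)" 655360 || rc=1
  at_least "soft nofile" "$(limit_value "$3" soft nofile)" 65536  || rc=1
  at_least "hard nofile" "$(limit_value "$3" hard nofile)" 131072 || rc=1
  at_least "soft nproc"  "$(limit_value "$3" soft nproc)"  2048   || rc=1
  at_least "hard nproc"  "$(limit_value "$3" hard nproc)"  4096   || rc=1
  return "$rc"
}

# Run against the live files only when asked: ./es-precheck.sh --check
if [ "${1:-}" = "--check" ]; then
  check_prereqs "$(id -u)" /etc/sysctl.conf /etc/security/limits.conf \
    && echo "prerequisites OK"
fi
```

The script reads the configuration files only, not the running kernel or the current login session, so run it as the elastic user after sysctl -p and a fresh login.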
Complete configuration file:
Master:
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: prj-logcollection
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: es-node1
#
# Add custom attributes to the node:
#
node.attr.rack: r1
node.master: true
# ----------