windows下springboot项目部署elk日志系统教程elasticsearch与logstash与kibana

1.项目中加入依赖：

compile 'net.logstash.logback:logstash-logback-encoder:6.0'

如果是maven项目的话：字符串中的冒号为隔断，第一个为groupid，第二个为artifactId，第三个为version

2.添加一个logback日志：我注释掉的部分是日志的打印，可以开出来，正式环境就不开了，影响性能

这里的功能添加一个logstash的appender将其发送到   rabbitmq

rabbitmq的安装教程参看本博主的博文：

https://blog.csdn.net/u013294097/article/details/81476018

 

 

命名文件名为：logback.xml

放到classpath路径下：

<?xml version="1.0" encoding="UTF-8"?>
<configuration>


    <!--<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">-->
        <!--<encoder>-->
            <!--<pattern>%d{HH:mm:ss.SSS} [%-5level] %logger{15} - %msg%n%rEx</pattern>-->
            <!--<immediateFlush>false</immediateFlush>-->
        <!--</encoder>-->
    <!--</appender>-->


<!--logstash的sppender，发送给rabbitmq-->
    <appender name="ASYNC" class="net.logstash.logback.appender.LoggingEventAsyncDisruptorAppender">
        <appender name="AMQP"
                  class="org.springframework.amqp.rabbit.logback.AmqpAppender">
            <host>localhost</host>
            <port>5672</port>
            <virtualHost>/</virtualHost>
            <username>guest</username>
            <password>guest</password>
            <exchangeType>direct</exchangeType>
            <exchangeName>elk</exchangeName>
            <applicationId>gateway</applicationId>
            <routingKeyPattern>elk</routingKeyPattern>
            <contentType>text/plain</contentType>
            <maxSenderRetries>2</maxSenderRetries>
            <charset>UTF-8</charset>
            <declareExchange>true</declareExchange>

            <layout class="net.logstash.logback.layout.LogstashLayout">
                <customFields>{"app":"lostashTest"}</customFields>
            </layout>

        </appender>
    </appender>


    <root level="INFO">
        <!--<appender-ref ref="CONSOLE"/>-->
        <appender-ref ref="ASYNC"/>
    </root>

</configuration>

3.安装logstash的windows版本

1) 我的百度云盘下载地址：版本号是2.4.0

链接：https://pan.baidu.com/s/1ud4mpTpwyUSeJNGqk933yg 
提取码：85cw 
复制这段内容后打开百度网盘手机App，操作更方便哦

2) 配置文件 ，我这里叫agent.conf，将logstash解压之后，将下面文本创建一个文件agent.conf，放到logstash的bin目录下

 

input {
   rabbitmq{
	host=>"localhost"
	port=> 5672
	user=>"guest"
	password=>"guest"
	queue=>"elk"
	exchange=>"elk"
	key=>"elk"
	durable=>true
	passive=>false
	codec=>json
  }
}

filter {
}

output {
	elasticsearch {
	hosts => ["localhost:9200"]
 	index => "index-%{+YYYYMMdd}"
  }
}

3)安装支持elasticsearch的插件

在logstash目录的bin目录下的，在地址栏输入cmd进入windows控制台，输入如下命令

logstash-plugin install --no-verify logstash-input-rabbitmq

4) 启动logstash

在logstash目录的bin目录下，在地址栏输入cmd进入windows的控制台，输入如下命令：

logstash -f agent.conf

上图这种状态即为启动成功！

4.安装启动elasticsearch

1)我的百度云盘下载地址：我这里的版本是1.7.3

链接：https://pan.baidu.com/s/10hrGjXOyt8dJUrv_u8cLGg 
提取码：7qnw 
复制这段内容后打开百度网盘手机App，操作更方便哦

 

2)解压elasticsearch

3)配置跨域允许访问

打开config目录下的elasticsearch.yml文件，可以使用notepad++或者edit-plus软件，自行百度安装

在最上面添加2句话：这两句话是允许跨域请求

http.cors.allow-origin: "/.*/"
http.cors.enabled: true

4）启动elasticsearch

打开elasticsearch根目录下的bin目录

双击   elasticsearch.bat   即可启动

5.下载安装kibana

1)我的百度云盘下载地址：版本号：3.x

链接：https://pan.baidu.com/s/1pkyEPL9oOK4pdB_pVE-6hA 
提取码：m4h1 
复制这段内容后打开百度网盘手机App，操作更方便哦

2)解压kibana,kibana其实就是一个前后端分离的存粹的前段工程

3）修改配置文件，这里是配置elasticsearch的访问路径，我这里是127.0.0.1

 

4)启动kibana

使用nginx启动，或者其他方式（hbuilder，idea都可以做为前端服务器启动）

4.1）nginx下载

我的百度云下载：windows版本的nginx

链接：https://pan.baidu.com/s/1rbG1fukBso1pjZHE2NM-xA 
提取码：37zr 
复制这段内容后打开百度网盘手机App，操作更方便哦

4.2)解压nginx

4.3)配置nginx

打开conf目录下面的nginx.conf文件

按照如下配置：注意文件路径填写自己的 kibana的文件夹路径

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #access_log  logs/access.log  main;

    sendfile        on;

    keepalive_timeout  65;

    #gzip  on;
	 

    server {
        listen       80;
        server_name  127.0.0.1;

        location / {
            root   C:/Users/Administrator/Desktop/kibana-3.1.2;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

    }

}

红色部分填写你自己的kibana的文件夹的路径

4.4)启动nginx

双击nginx.exe即可启动

5.访问127.0.0.1即可打开kibana界面

6.导入我这个配置好的dashbord的文件，或者也可以自行配置。

将下面的代码复制出来，另存为一个文件，文件名可以使用：Your Basic Dashboard.json

 

{
  "title": "Your Basic Dashboard",
  "services": {
    "query": {
      "list": {
        "0": {
          "query": "*",
          "alias": "",
          "color": "#7EB26D",
          "id": 0,
          "pin": false,
          "type": "lucene",
          "enable": true
        }
      },
      "ids": [
        0
      ]
    },
    "filter": {
      "list": {
        "0": {
          "type": "querystring",
          "query": "app:gateway",
          "mandate": "must",
          "active": true,
          "alias": "",
          "id": 0
        },
        "1": {
          "type": "time",
          "field": "@timestamp",
          "from": "now-15m",
          "to": "now",
          "mandate": "must",
          "active": true,
          "alias": "",
          "id": 1
        }
      },
      "ids": [
        0,
        1
      ]
    }
  },
  "rows": [
    {
      "title": "Options",
      "height": "50px",
      "editable": true,
      "collapse": false,
      "collapsable": true,
      "panels": [
        {
          "span": 12,
          "editable": true,
          "type": "histogram",
          "loadingEditor": false,
          "mode": "count",
          "time_field": "@timestamp",
          "value_field": null,
          "x-axis": true,
          "y-axis": true,
          "scale": 1,
          "y_format": "none",
          "grid": {
            "max": null,
            "min": 0
          },
          "queries": {
            "mode": "all",
            "ids": [
              0
            ]
          },
          "annotate": {
            "enable": false,
            "query": "*",
            "size": 20,
            "field": "_type",
            "sort": [
              "_score",
              "desc"
            ]
          },
          "auto_int": true,
          "resolution": 100,
          "interval": "10s",
          "intervals": [
            "auto",
            "1s",
            "1m",
            "5m",
            "10m",
            "30m",
            "1h",
            "3h",
            "12h",
            "1d",
            "1w",
            "1y"
          ],
          "lines": false,
          "fill": 0,
          "linewidth": 3,
          "points": false,
          "pointradius": 5,
          "bars": true,
          "stack": true,
          "spyable": true,
          "zoomlinks": true,
          "options": true,
          "legend": true,
          "show_query": true,
          "interactive": true,
          "legend_counts": true,
          "timezone": "browser",
          "percentage": false,
          "zerofill": true,
          "derivative": false,
          "tooltip": {
            "value_type": "cumulative",
            "query_as_alias": true
          }
        }
      ],
      "notice": false
    },
    {
      "title": "Graph",
      "height": "250px",
      "editable": true,
      "collapse": false,
      "collapsable": true,
      "panels": [],
      "notice": false
    },
    {
      "title": "Events",
      "height": "650px",
      "editable": true,
      "collapse": false,
      "collapsable": true,
      "panels": [
        {
          "error": false,
          "span": 12,
          "editable": true,
          "group": [
            "default"
          ],
          "type": "table",
          "size": 100,
          "pages": 5,
          "offset": 0,
          "sort": [
            "_score",
            "desc"
          ],
          "style": {
            "font-size": "9pt"
          },
          "overflow": "min-height",
          "fields": [
            "@timestamp",
            "message",
            "thread_name",
            "app",
            "logger_name",
            "level_value"
          ],
          "highlight": [],
          "sortable": true,
          "header": true,
          "paging": true,
          "spyable": true,
          "queries": {
            "mode": "all",
            "ids": [
              0
            ]
          },
          "field_list": true,
          "status": "Stable",
          "trimFactor": 300,
          "normTimes": true,
          "title": "Documents",
          "all_fields": false,
          "localTime": true,
          "timeField": "@timestamp"
        }
      ],
      "notice": false
    }
  ],
  "editable": true,
  "index": {
    "interval": "none",
    "pattern": "[logstash-]YYYY.MM.DD",
    "default": "_all",
    "warm_fields": false
  },
  "style": "dark",
  "failover": false,
  "panel_hints": true,
  "loader": {
    "save_gist": false,
    "save_elasticsearch": true,
    "save_local": true,
    "save_default": true,
    "save_temp": true,
    "save_temp_ttl_enable": true,
    "save_temp_ttl": "30d",
    "load_gist": true,
    "load_elasticsearch": true,
    "load_elasticsearch_size": 20,
    "load_local": true,
    "hide": false
  },
  "pulldowns": [
    {
      "type": "query",
      "collapse": false,
      "notice": false,
      "query": "*",
      "pinned": true,
      "history": [
        "*"
      ],
      "remember": 10,
      "enable": true
    },
    {
      "type": "filtering",
      "collapse": false,
      "notice": true,
      "enable": true
    }
  ],
  "nav": [
    {
      "type": "timepicker",
      "collapse": false,
      "notice": false,
      "status": "Stable",
      "time_options": [
        "5m",
        "15m",
        "1h",
        "6h",
        "12h",
        "24h",
        "2d",
        "7d",
        "30d"
      ],
      "refresh_intervals": [
        "5s",
        "10s",
        "30s",
        "1m",
        "5m",
        "15m",
        "30m",
        "1h",
        "2h",
        "1d"
      ],
      "timefield": "@timestamp",
      "enable": true,
      "now": true,
      "filter_id": 1
    }
  ],
  "refresh": false
}

7.然后，导入该配置文件：选择上面保存的那个配置文件

8.效果图：在query可以进行搜索

在filterng可以进行过滤操作,即可实现快速定位报错的地方

 

 

 

如果觉得本文对您有所帮助，欢迎您扫码下图所示的支付宝和微信支付二维码对本文进行随意打赏。您的支持将鼓励我继续创作