安装java
yum install java-1.6.0-openjdk* -y
yum install java-1.6.0-openjdk* -y
安装elasticsearch
wget https://github.com/downloads/elasticsearch/elasticsearch/elasticsearch-0.19.11.tar.gz
tar -zxvf elasticsearch-0.19.11.tar.gz
mv elasticsearch-0.19.11 /usr/local/elasticsearch
/usr/local/elasticsearch/bin/elasticsearch -f
wget https://github.com/downloads/elasticsearch/elasticsearch/elasticsearch-0.19.11.tar.gz
tar -zxvf elasticsearch-0.19.11.tar.gz
mv elasticsearch-0.19.11 /usr/local/elasticsearch
/usr/local/elasticsearch/bin/elasticsearch -f
安装插件elasticsearch-head:
yum install git -y
git clone git://github.com/Aconex/elasticsearch-head.git
/usr/local/elasticsearch/bin/plugin -install Aconex/elasticsearch-head
重启es
http://192.168.14.117:9200/_plugin/head/
yum install git -y
git clone git://github.com/Aconex/elasticsearch-head.git
/usr/local/elasticsearch/bin/plugin -install Aconex/elasticsearch-head
重启es
http://192.168.14.117:9200/_plugin/head/
测试:
wget http://logstash.net/docs/1.1.0/tutorials/10-minute-walkthrough/apache-parse.conf
修改如下:
output {
stdout {
debug => true
}
elasticsearch { embedded => true } //开启es支持
}
wget http://logstash.net/docs/1.1.0/tutorials/10-minute-walkthrough/apache-parse.conf
修改如下:
output {
stdout {
debug => true
}
elasticsearch { embedded => true } //开启es支持
}
安装grok:
yum install -y gcc gperf make libevent-devel pcre-devel tokyocabinet-devel
wget --no-check-certificate https://github.com/jordansissel/grok/tarball/master -O grok.tar.gz
tar zxf grok.tar.gz
cd jordansissel-grok-*
make grok
make install
ldconfig
cd ..
运行:
java -jar logstash-*-monolithic.jar agent -f apache-parse.conf -- web --backend elasticsearch://localhost/
java -jar logstash-*-monolithic.jar agent -f apache-parse.conf -- web --backend elasticsearch://localhost/
tail -f /var/log/httpd/access_log|nc 127.0.0.1 3333
转自:http://blog.chinaunix.net/uid-405749-id-3414824.html
3771
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
