Download the ELK Docker image
[root@localhost ~]# docker pull sebp/elk
Run the command
docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -p 5000:5000 -it --name elk sebp/elk
[root@localhost ~]# docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -p 5000:5000 -it --name elk sebp/elk
* Starting periodic command scheduler cron [ OK ]
* Starting Elasticsearch Server sysctl: setting key "vm.max_map_count": Read-only file system
[ OK ]
waiting for Elasticsearch to be up (1/30)
waiting for Elasticsearch to be up (2/30)
waiting for Elasticsearch to be up (3/30)
waiting for Elasticsearch to be up (4/30)
waiting for Elasticsearch to be up (5/30)
waiting for Elasticsearch to be up (6/30)
waiting for Elasticsearch to be up (7/30)
waiting for Elasticsearch to be up (8/30)
waiting for Elasticsearch to be up (9/30)
waiting for Elasticsearch to be up (10/30)
waiting for Elasticsearch to be up (11/30)
waiting for Elasticsearch to be up (12/30)
logstash started.
* Starting Kibana4 [ OK ]
==> /var/log/elasticsearch/elasticsearch.log <==
[2016-10-17 18:09:54,496][INFO ][env ] [Firefrost] using [1] data paths, mounts [[/var/lib/elasticsearch (/dev/mapper/centos-root)]], net usable_space [5gb], net total_space [8.4gb], spins? [possibly], types [xfs]
[2016-10-17 18:09:54,496][INFO ][env ] [Firefrost] heap size [1015.6mb], compressed ordinary object pointers [true]
[2016-10-17 18:10:01,048][INFO ][node ] [Firefrost] initialized
[2016-10-17 18:10:01,048][INFO ][node ] [Firefrost] starting ...
[2016-10-17 18:10:01,459][INFO ][transport ] [Firefrost] publish_address {172.17.0.2:9300}, bound_addresses {[::]:9300}
[2016-10-17 18:10:01,491][INFO ][discovery ] [Firefrost] elasticsearch/aGOBmIFbQzKHw2X813c01A
[2016-10-17 18:10:04,699][INFO ][cluster.service ] [Firefrost] new_master {Firefrost}{aGOBmIFbQzKHw2X813c01A}{172.17.0.2}{172.17.0.2:9300}, reason: zen-disco-join(elected_as_master, [0] joins received)
[2016-10-17 18:10:04,741][INFO ][http ] [Firefrost] publish_address {172.17.0.2:9200}, bound_addresses {[::]:9200}
[2016-10-17 18:10:04,741][INFO ][node ] [Firefrost] started
[2016-10-17 18:10:04,841][INFO ][gateway ] [Firefrost] recovered [0] indices into cluster_state
==> /var/log/logstash/logstash.log <==
==> /var/log/kibana/kibana4.log <==
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:kibana@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:elasticsearch@1.0.0","info"],"pid":197,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:kbn_vislib_vis_types@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:markdown_vis@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:metric_vis@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:spyModes@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:statusPage@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["status","plugin:table_vis@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2016-10-17T18:10:27Z","tags":["listening","info"],"pid":197,"message":"Server running at http://0.0.0.0:5601"}
{"type":"log","@timestamp":"2016-10-17T18:10:32Z","tags":["status","plugin:elasticsearch@1.0.0","info"],"pid":197,"state":"yellow","message":"Status changed from yellow to yellow - No existing Kibana index found","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
==> /var/log/elasticsearch/elasticsearch.log <==
[2016-10-17 18:10:34,093][INFO ][cluster.metadata ] [Firefrost] [.kibana] creating index, cause [api], templates [], shards [1]/[1], mappings [config]
[2016-10-17 18:10:35,398][INFO ][cluster.routing.allocation] [Firefrost] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[.kibana][0]] ...]).
==> /var/log/kibana/kibana4.log <==
{"type":"log","@timestamp":"2016-10-17T18:10:38Z","tags":["status","plugin:elasticsearch@1.0.0","info"],"pid":197,"state":"green","message":"Status changed from yellow to green - Kibana index ready","prevState":"yellow","prevMsg":"No existing Kibana index found"}
==> /var/log/logstash/logstash.log <==
{:timestamp=>"2016-10-17T18:11:06.093000+0000", :message=>"Pipeline main started"}