elk7.9.2使用rpm安裝
阿新 • • 發佈:2020-11-24
環境:linux
1、軟體下載elk
下載連結https://elasticsearch.cn/download/ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.9.2-x86_64.rpm wget https://artifacts.elastic.co/downloads/kibana/kibana-7.9.2-x86_64.rpm wget https://artifacts.elastic.co/downloads/logstash/logstash-7.9.2.rpm
2、7.9需要安裝jdk11,下載連結
連結: https://pan.baidu.com/s/1EYtj3d8OboJDjypoTLdLog 提取碼: y2jn
3、安裝jdk和elk
rpm -ivh jdk-11.0.9_linux-x64_bin.rpm rpm -ivh elasticsearch-7.9.2-x86_64.rpm rpm -ivh kibana-7.9.2-x86_64.rpm rpm -ivh logstash-7.9.2.rpm
4、配置elasticsearch
cat /etc/elasticsearch/elasticsearch.yml #叢集名 cluster.name: my-es #node名 node.name: node-1 #資料目錄 path.data: /data/es-data #日誌目錄 path.logs: /var/log/elasticsearch network.host: 0.0.0.0 http.port: 9200 #叢集master需要和node名設定一致 cluster.initial_master_nodes: ["node-1"]
5、啟動elasticsearch並驗證
mkdir -p /data/es-data
chown -R elasticsearch:elasticsearch /data/es-data/
systemctl start elasticsearch
systemctl enable elasticsearch
[root@node-1]# curl 127.0.0.1:9200
{
"name" : "node-1",
"cluster_name" : "my-es",
"cluster_uuid" : "-5vm0JOyQP-fehWjlXal_A",
"version" : {
"number" : "7.1.1",
"build_flavor" : "default",
"build_type" : "rpm",
"build_hash" : "7a013de",
"build_date" : "2019-05-23T14:04:00.380842Z",
"build_snapshot" : false,
"lucene_version" : "8.0.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
6、修改kibana配置
cat /etc/kibana/kibana.yml server.port: 5601 server.host: "yourip" server.name: "node-1" elasticsearch.hosts: ["http://192.168.1.4:9200"] kibana.index: ".kibana"
7、啟動kibana並驗證
systemctl start kibana systemctl enable kibana 網頁訪問連結:http://ip:5601
8、使用logstash收集日誌
標準輸入輸出
/usr/share/logstash/bin/logstash -e 'input { stdin{} } output { stdout {} }'