SpringBoot整合elk,搭建實時日誌平臺
這篇文章主要介紹springboot整合elk.
elk 簡介
-
Elasticsearch是個開源分散式搜尋引擎,它的特點有:分散式,零配置,自動發現,索引自動分片,索引副本機制,restful風格介面,多資料來源,自動搜尋負載等。
-
Logstash是一個完全開源的工具,他可以對你的日誌進行收集、過濾,並將其儲存供以後使用(如,搜尋)。
-
Kibana 也是一個開源和免費的工具,它Kibana可以為 Logstash 和 ElasticSearch 提供的日誌分析友好的 Web 介面,可以幫助您彙總、分析和搜尋重要資料日誌。
elk下載安裝
建議在 linux上執行,elk在windows上支援得不好,另外需要jdk1.8 的支援,需要提前安裝好jdk.
下載完之後: 安裝,以logstash為栗子:
cd /usr/local/
mkdir logstash
tar -zxvf logstash-5.3.2.tar.gz
mv logstash-5.3.2 /usr/local/logstash
配置、啟動 Elasticsearch
開啟Elasticsearch的配置檔案:
vim config/elasticsearch.yml- 1
修改配置:
network.host=localhost
network.port=9200
- 1
- 2
- 3
它預設就是這個配置,沒有特殊要求,在本地不需要修改。
啟動Elasticsearch
./bin/elasticsearch
- 1
- 2
啟動成功,訪問localhost:9200,網頁顯示:
{
"name" : "56IrTCM",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "e4ja7vS2TIKI1BsggEAa6Q",
"version" : {
"number" : "5.2.2",
"build_hash" : "f9d9b74",
"build_date" : "2017-02-24T17:26:45.835Z",
"build_snapshot" : false,
"lucene_version" : "6.4.1" - 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
配置、啟動 logstash
在 logstash的主目錄下:
vim config/log4j_to_es.conf
- 1
- 2
修改 log4j_to_es.conf 如下:
input {
log4j {
mode => "server"
host => "localhost"
port => 4560
}
}
filter {
#Only matched data are send to output.
}
output {
elasticsearch {
action => "index" #The operation on ES
hosts => "localhost:9200" #ElasticSearch host, can be array.
index => "applog" #The index to write data to.
}
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
修改完配置後啟動:
./bin/logstash -f config/log4j_to_es.conf
- 1
- 2
終端顯示如下:
訪問localhost:9600
{"host":"Pc-20130412.local","version":"5.3.2","http_address":"127.0.0.1:9600","id":"e6bb985c-c688-49a4-
a55b-4d362bb4136f","name":"Pc-20130412.local","build_date":
"2017-04-24T16:32:22Z","build_sha":"242159a5eea55fe213fe5c8
52d36455e24252c82","build_snapshot":false}- 1
- 2
- 3
- 4
證明logstash啟動成功。
配置、啟動kibana
到kibana的安裝目錄:
./bin/kibana - 1
預設配置即可。
訪問localhost:5601,網頁顯示:
證明啟動成功。
建立springboot工程
起步依賴如下:
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-log4j</artifactId>
<version>1.3.8.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
log4j的配置,/src/resources/log4j.properties如下:
log4j.rootLogger=INFO,console
# for package com.demo.elk, log would be sent to socket appender.
log4j.logger.com.forezp=DEBUG, socket
# appender socket
log4j.appender.socket=org.apache.log4j.net.SocketAppender
log4j.appender.socket.Port=4560
log4j.appender.socket.RemoteHost=localhost
log4j.appender.socket.layout=org.apache.log4j.PatternLayout
log4j.appender.socket.layout.ConversionPattern=%d [%-5p] [%l] %m%n
log4j.appender.socket.ReconnectionDelay=10000
# appender console
log4j.appender.console=org.apache.log4j.ConsoleAppender
log4j.appender.console.target=System.out
log4j.appender.console.layout=org.apache.log4j.PatternLayout
log4j.appender.console.layout.ConversionPattern=%d [%-5p] [%l] %m%n
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
列印log測試:
@RunWith(SpringRunner.class)
@SpringBootTest
public class SpringbootElkApplicationTests {
@Test
public void contextLoads() {
}
private Logger logger = Logger.getLogger(getClass());
@Test
public void test() throws Exception {
for(int i=0;i<100;i++) {
logger.info("輸出info ");
logger.debug("輸出debug+skkkw嗡嗡嗡kw");
logger.error("輸出error 嗡嗡嗡我");
}
}
}- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
在kibana 實時監控日誌
開啟localhost:5601:
Management=>index pattrns=>add new:
點選discovery:
