Install Elasticsearch using the same source as Elasticsearch. Start the # $service logstash start finish listening $netstat - TNPL | grep TCP 5044 0 0 0.0.0.0:5044 0.0.0.0: * LISTEN 10132 / Java Copy the code Beats Filebeat The installation See the Configuration Examples section for complete configurations and the Logstash Configuration Examples for more configurations. You can increase the max-old-space-size parameter at startup to limit the size of the running memory: $vim bin/kibana # add -max-old-space-size=140 parameter NODE_ENV=production exec "$ Copy the code Install common plug-ins, such as X-pack: $ bin/kibana-plugin install x-packīy default, the Kibana runtime NodeJs will allocate a maximum of 1GB of memory. Index: ".kibana" # ername: "Elastic" # username elasticsearch.password: "changeme" # password Copy the code name: "" # elasticSearch.url: "" # es kibana. Modify the following configuration items in the kibana.yml configuration file: $ mkdir -p /usr/local/elk/kibana/config $ mv /etc/kibana/kibana.yml /usr/local/elk/kibana/config $ vim config/kibana.yml Server. $ ln -s /usr/share/kibana /usr/local/elk/kibana Install using yum command: $ yum install -y kibana Kibanaįirst, create a yum source file named Kibana.repo in /etc/yom.repos. The default user name is elastic, and the default password is Changeme. # open service $the chkconfig - add elasticsearch $the chkconfig elasticsearch on $service elasticsearch start $netstat - tunpl | Grep "9200" TCP 00 127.0.0.1:9200 0.0.0.0:* LISTEN 27029/ Java # $curl Copy the codeįinally, install the plugins used: $CD/usr/local/elk/elasticsearch # ingest - geoip and ingest the user-agent IP resolution plug-in and agent respectively resolution plug-in $bin/elasticsearch - plugin install Ingest-geoip $bin/elasticsearch-plugin install ingest-user-agent $bin/elasticsearch-plugin install ingest-user-agent X-pack # Change user password $bin/x-pack/setup-passwords interactive Copy the codeĪfter the X-Pack plug-in is installed, you need to authorize all operations on Elasticsearch. $ chown -R elk:elk /usr/local/elk/elasticsearchĮnable Elasticsearch on port 9200 by default. You can use service to manage Elasticsearch and modify the startup user and installation directory. $vim config/jvm.options # modify -xms128m -xmx256m Copy the codeĬreate an elk user because the new version of Elasticsearch does not allow you to start as root. Otherwise, memory overflow may occur, causing startup failures. Gz - C/usr/local / $mv/usr/local/elk elk/elasticsearch - 6.1.1 / usr/local/elk/elasticsearch Copy the codeīefore startup, modify the JVM size in the jvm.options configuration file. The official addressDownload the RPM package of an earlier version and use itĭownload the latest version from the official address, and then unzip: $wget $mkdir -p/usr/local/elk $tar ZXVF elasticsearch - 6.1.1. The yum command will install the latest version. Install the gPG-key with yum: $ rpm -import Run source /etc/profile for the configuration environment to take effect. If it is not installed, perform the following steps to install it: # check if $RPM installation - qa | grep Java # batch uninstall $RPM - qa | grep Java | xargs RPM -e - nodeps $yum install - y Java - 1.8.0 comes with its * $Java -version openJDK version "1.8.0_151" Copy the codeĬonfigure environment variables in /etc/profile: # point to the installation directory, JAVA_HOME= /usr/lib/jvm/java-1.8.0-openJDK-1.8.0.6_9.x86_64 PATH=$JAVA_HOME/bin:$PATH CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar JAVACMD=/usr/bin/java export JAVA_HOME JAVACMD CLASSPATH PATH Copy the code Preparations before Installation JAVA environmentĮLK requires JAVA 8 or higher. For this reason, you only need to deploy the Elasticsearch and Logstash clusters on the logging platform and the Filebeat on the application server. Of course, the system can be upgraded in the future. Since the amount of system logs is still controllable, ELK+Beats is selected and message queues are not introduced.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |