ELK5.1.2搭建配置详解
Linux版本Centos 7.0 (64位)
ELK版本
Elasticsearch 5.1.2Logstash 5.1.2Kibana 5.1.2
JAVA版本
ELK 5.1版本对JDK的最低要求是1.8,安装Java 1.8版本
cat /etc/profile
#######java8######
export JAVA_HOME=/usr/local/java
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=$JAVA_HOME/lib:.:$CLASSPATH
source /etc/profile
安装Logstash
tar -xf logstash-5.1.2.tar.gz
vim /data/elktest.conf #####编写配置文件
input {
file {
path => "/data/tomcat/allin_api/logs/catalina.out"
}
}
output {
elasticsearch {
hosts => "x.x.x.x"
index => "tomcat_api_58-%{+YYYY.MM.dd}"
}
stdout {
codec => rubydebug
}
}
/data/logstash-1.5.2/bin/logstash -f /data/elktest.conf ###启动配置logstash文件###
安装Elasticsearch
tar -xf elasticsearch-5.1.2.tar.gz
cd /data/elasticsearch-5.1.2
mvelasticsearch-5.1.2elasticsearch
vim /data/elasticsearch/config/elasticsearch.yml
https://s1.运维网.com/wyfs02/M02/91/61/wKiom1j1tCeAxCYRAAARWl8x3z4449.png
https://s1.运维网.com/wyfs02/M02/91/5F/wKioL1j1tCjShTHtAAAYXIwyqZE898.png
useradd appuser
su appuser
/data/elasticsearch/bin/elasticsearch
若是没有启动成功可以看到错误日志
1.max file descriptors for elasticsearch process likely too low, increase to at least
解决办法:1
vim /etc/security/limits.conf
https://s2.运维网.com/wyfs02/M00/91/61/wKiom1j1tD-wi5E0AAA0QOYyq-4631.png
2.max virtual memory areas vm.max_map_count is too low, increase to at least
修改/etc/sysctl.conf配置文件,
cat /etc/sysctl.conf | grep vm.max_map_count
vm.max_map_count=262144
如果不存在则添加
echo "vm.max_map_count=262144" >>/etc/sysctl.conf
安装elasticsearch-head插件
git clone git://github.com/mobz/elasticsearch-head.git
cd elasticsearch-head
npm install 执行过后如果出现node_modules的目录即为成功
如果没有npm命令,如下搭建
安装Nodejs
官网地址为http://nodejs.org
但国外地址下载太慢了,建议从淘宝下载(https://npm.taobao.org/mirrors/node/)
wget https://npm.taobao.org/mirrors/node/latest-v4.x/node-v4.4.7-linux-x64.tar.gz
解压:
tar -zxvf node-v4.4.7-linux-x64.tar.gz
设置环境变量:
export PATH=$PATH:/opt/node-v4.4.7-linux-x64/bin
执行node -v
npm -v
出现版本号即为成功
在elasticsearch-head目录下node_modules/grunt下如果没有grunt二进制程序,需要执行
cd elasticsearch-head
npm install grunt --save
vim Gruntfile.js
https://s3.运维网.com/wyfs02/M01/91/5F/wKioL1j1tF3ghF1UAABAWJybDJ0203.png-wh_500x0-wm_3-wmp_4-s_1649226852.png
cd /data/elasticsearch-head
node_modules/grunt/bin/gruntserver
浏览器访问:ip:9100
安装Kibana
tar -xf kibana-5.1.2-linux-x86_64.tar.gz
mv kibana-5.1.2 kibana
vim /data/kibana/config/kibana.yml
server.port: 5601
server.host:"ip"
elasticsearch.url: "http://ip:9200"
/data/kibana/bin/kibana
访问http://x.x.x.x:5601
页:
[1]