安装logstash+elasticsearch+kibana
系统环境# cat /etc/redhat-release
CentOS release 6.4 (Final)
# uname -a
Linux localhost.localdomain 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux 1.下载软件包
# curl -O https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz
# curl -O https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.1.1.tar.gz
# curl -O https://download.elasticsearch.org/kibana/kibana/kibana-3.1.0.tar.gz 2.解压安装
# tar xf logstash-1.4.2.tar.gz
# cd logstash-1.4.2
# mkdir conf
# vi conf/logstash-apache.conf
input {
file {
path => "/var/log/httpd/access_log"
start_position => beginning
}
}
filter {
if =~ "access" {
mutate { replace => { "type" => "apache_access" } }
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}
output {
elasticsearch {
host => localhost
}
stdout { codec => rubydebug }
}
# tar xf elasticsearch-1.1.1.tar.gz
# tar xf kibana-3.1.0.tar.gz
# cd kibana-3.1.0
# vi config.js
修改以下一行为
elasticsearch: "http://192.168.1.222:9200",
然后保存退出,并把改目录拷贝到网站家目录
# cp -r kibana-3.1.0 /var/www/html/kibana3 3.启动服务
# elasticsearch-1.1.1/bin/elasticsearch &
# logstash-1.4.2/bin/logstash -f logstash-1.4.2/conf/logstash-apache.conf & 4.打开浏览器查看
http://s3.运维网.com/wyfs02/M00/46/51/wKiom1PxuBryoSI4AALu6qTi92E508.jpg
http://s3.运维网.com/wyfs02/M01/46/51/wKiom1PxuBugDtSnAAK5WiZKCMU025.jpg
页:
[1]