使用Kibana4
Kibana4 需要Elasticsearch1.4.4以后版本从官网下载kibana-4.0.2-linux-x64.tar.gz
新版使用node.js开发,自带WEB容器
配置文件config/kibana.yml
默认使用5601端口,使用http://xxxxx:5601访问
添加启动脚本/etc/init.d/kibana
#! /bin/sh
# From The Logstash Book
# The original of this file can be found at: http://kibanabook.com/code/index.html
#
#
# Logstash Start/Stop kibana
#
# chkconfig: 345 99 99
# description: Logstash
# processname: kibana
name="kibana"
kibana_bin="/data/app_platform/kibana/bin/kibana"
kibana_log="/data/app_data/kibana/logs/kibana.log"
kibana_bin_dir=`dirname ${kibana_bin}`
find_kibana_process () {
PIDTEMP=`ps -ef | grep ${kibana_bin_dir}|grep $name |grep -v grep | awk '{ print $2 }'`
# Pid not found
if [ "x$PIDTEMP" = "x" ]; then
PID=-1
else
PID=$PIDTEMP
fi
}
start () {
LOG_DIR=`dirname ${kibana_log}`
if [ ! -d $LOG_DIR ]; then
echo "Log dir ${LOG_DIR} doesn't exist. Creating"
mkdir -p $LOG_DIR
fi
find_kibana_process
if [ $PID -ne -1 ]; then
echo "$name is already running!"
else
echo "Starting $name"
nohup ${kibana_bin} >> ${kibana_log} 2>&1 &
echo "Done"
fi
}
stop () {
find_kibana_process
if [ $PID -ne -1 ]; then
echo "Stopping $name"
kill $PID
else
echo "$name is not running yet"
fi
}
case $1 in
start)
start
;;
stop)
stop
exit 0
;;
reload)
stop
sleep 2
start
;;
restart)
stop
sleep 2
start
;;
status)
find_kibana_process
if [ $PID -gt 0 ]; then
echo "kibana is running: $PID"
exit 0
else
echo "kibana is not running"
exit 1
fi
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
RETVAL=1
esac
exit 0
设置开机启动
chkconfig --level 35 kibana on
通过Nginx转发到http://localhost:5601/ 可以设置对Kibana的访问控制和使用SSL访问
sudo yum install openssl openssl-devel
sudo openssl genrsa -out server.key 1024
sudo openssl req -new -key server.key -out server.crt -days 3650 -x509
sudo yum -y install httpd-tools
sudo htpasswd -cssl/xxxxxxx.htpasswdjohn
server
{
listen 443 ssl;
ssl_certificate conf.d/ssl/server.crt;
ssl_certificate_key conf.d/ssl/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name kibana.youxi021.com;
access_log/data/app_data/nginx/logs/kibana.log main;
client_max_body_size 5m;
index index.html index.htm;
autoindex on;
root/data/app_platform/kibana;
location / {
proxy_pass http://127.0.0.1:5601;
proxy_read_timeout 90;
auth_basic "Restricted";
auth_basic_user_file conf.d/ssl/xxxxxx.htpasswd;
}
}
http://s3.运维网.com/wyfs02/M01/5F/EC/wKioL1UqcWGjn5gBAATf5__IXEM737.jpg
这里需要注意的是host字段,如果服务器没有在/etc/hosts里面设置主机名,logstash会显示0.0.0.0
例如,以上是用Logstash收集syslog日志,由于没有在/etc/hosts里面设置主机名,由rsyslog管理的日志内容里面host字段都是localhost。
所以在使用logstash收集其他类型的日志时要注意获取争取的服务器主机名才好区分日志来源
参考文档:
http://www.elastic.co/guide/en/kibana/current/index.html
页:
[1]