beats（5）

https://github.com/elastic/beats-dashboards

一、介绍

filebeat貌似功能笔logstash更好，是下一代的日志收集器。

topbeat定期收集系统信息如每个进程信息、负载、内存、磁盘等等，然后将数据发送到elasticsearch进行索引。

packetbeat可以分析某个时间段mysql或者mongodb的慢查询日志情况；还有I/O吞吐量；这个时间段内经常执行的查询语句，http访问情况等信息；然后将分析出来的结果以图表的形式展现出来。

二、需要的beats包

filebeat-1.2.3-x86_64.rpm

topbeat-1.2.2-x86_64.rpm

packetbeat-1.2.2-x86_64.rpm

三、安装beats

1、安装filebeat

[[email protected] ~]# rpm -ivh filebeat-1.2.3-x86_64.rpm

warning: filebeat-1.2.3-x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID d88e42b4: NOKEY

Preparing...                ########################################### [100%]

1:filebeat               ########################################### [100%]

[[email protected] ~]# curl -XPUT ‘http://localhost:9200/_template/filebeat?pretty‘ [email protected]/etc/filebeat/filebeat.template.json

{

"acknowledged" : true

}

[[email protected] ~]# /etc/init.d/filebeat start

Stopping filebeat:                                         [FAILED]

Starting filebeat:                                         [  OK  ]

2、安装topbeat

[[email protected] ~]# rpm -ivh topbeat-1.2.2-x86_64.rpm

Preparing...                ########################################### [100%]

package topbeat-1.2.2-1.x86_64 is already installed

[[email protected] ~]# curl -XPUT ‘http://localhost:9200/_template/topbeat‘ [email protected]/etc/topbeat/topbeat.template.json

{"acknowledged":true}

[[email protected] ~]# /etc/init.d/topbeat start

3、安装packetbeat

[[email protected] ~]# rpm -ivh packetbeat-1.2.2-x86_64.rpm

Preparing...                ########################################### [100%]

package packetbeat-1.2.2-1.x86_64 is already installed

[[email protected] ~]# curl -XPUT ‘http://localhost:9200/_template/packetbeat‘ [email protected]/etc/packetbeat/packetbeat.template.json

{"acknowledged":true}

[[email protected] ~]# /etc/init.d/topbeat start

Starting topbeat:                                          [  OK  ]

4、安装dashboards

[[email protected] ~]# git clone https://github.com/elastic/beats-dashboards.git

Initialized empty Git repository in /root/beats-dashboards/.git/

remote: Counting objects: 1303, done.

remote: Total 1303 (delta 0), reused 0 (delta 0), pack-reused 1303

Receiving objects: 100% (1303/1303), 2.75 MiB | 152 KiB/s, done.

Resolving deltas: 100% (892/892), done.

[[email protected] ~]# cd beats-dashboards

[[email protected] beats-dashboards]# sh load.sh -url http://localhost:9200

Loading dashboards to http://localhost:9200 in .kibana

{"error":"IndexAlreadyExistsException[[.kibana] already exists]","status":400}{"acknowledged":true}Loading search Cache-transactions:

{"_index":".kibana","_type":"search","_id":"Cache-transactions","_version":1,"created":true}

Loading search DB-transactions:

{"_index":".kibana","_type":"search","_id":"DB-transactions","_version":1,"created":true}

Loading search Default-Search:

{"_index":".kibana","_type":"search","_id":"Default-Search","_version":1,"created":true}

Loading search Filesystem-stats:

{"_index":".kibana","_type":"search","_id":"Filesystem-stats","_version":1,"created":true}

Loading search HTTP-errors:

{"_index":".kibana","_type":"search","_id":"HTTP-errors","_version":1,"created":true}

Loading search MongoDB-errors:

{"_index":".kibana","_type":"search","_id":"MongoDB-errors","_version":1,"created":true}

Loading search MongoDB-transactions:

{"_index":".kibana","_type":"search","_id":"MongoDB-transactions","_version":1,"created":true}

Loading search MongoDB-transactions-with-write-concern-0:

{"_index":".kibana","_type":"search","_id":"MongoDB-transactions-with-write-concern-0","_version":1,"created":true}

5、添加beats索引