环境:Centos7, jdk1.8
安装logstash
1.下载logstash
地址:https://artifacts.elastic.co/downloads/logstash/logstash-7.0.0.tar.gz
2.解压logstash压缩包
tar zxvf logstash-7.0.0.tar.gz
3.config文件夹下创建配置文件
vim logstash-elasticsearch.conf
添加以下内容:
input {
# For detail config for log4j as input,
# See: https://www.elastic.co/guide/en/logstash/current/plugins-inputs-log4j.html
tcp {
mode => "server"
host => "0.0.0.0"
port => 9000
codec => json_lines
}
}
filter {
#Only matched data are send to output.
}
output {
# For detail config for elasticsearch as output,
# See: https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html
elasticsearch {
action => "index" #The operation on ES
hosts => ["localhost:9200"] #ElasticSearch host, can be array.
index => "demolog" #The index to write data to.
}
}
4.后台启动logstash
./bin/logstash -f config/logstash-elasticsearch.conf &
安装elasticsearch
1.下载elasticsearch
地址:https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-linux-x86_64.tar.gz
2.解压elasticsearch压缩包
tar zxvf elasticsearch-7.0.0-linux-x86_64.tar.gz
3.修改elasticsearch.yml
启用以下配置
cluster.name: demo-cluster
node.name: node-1
path.data: /tmp/soft/elasticsearch-7.0.0/data
path.logs: /tmp/soft/elasticsearch-7.0.0/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["127.0.0.1"]
cluster.initial_master_nodes: ["node-1"]
gateway.recover_after_nodes: 1
action.destructive_requires_name: true
4.创建组
groupadd elasticsearch
注:elasticsearch为组名
5.创建用户
useradd elasticsearch -g elasticsearch -p elasticsearch
注:第一个elasticsearch为用户名,第二个elasticsearch为组名,第三个elasticsearch为用户密码
6.目录授权
chown -R elasticsearch:elasticsearch /tmp/soft/elasticsearch-7.0.0
7.修改/etc/security/limits.conf
在文件末尾加入以下配置信息
* soft nofile 65536
* hard nofile 131072
* soft nproc 65536
* hard nproc 131072
* soft memlock unlimited
* hard memlock unlimited
8.修改/etc/sysctl.conf
在文件末尾加入以下配置信息
vm.max_map_count=655360
然后执行sysctl -p
9.添加elasticsearch到systemctl
在/etc/systemd/system下创建elasticsearch.sevice, 添加以下内容
[Unit]
Description=elasticsearch.service
After=network.target
[Service]
LimitCORE=infinity
LimitNOFILE=65536
LimitNPROC=65536
Group=elasticsearch
User=elasticsearch
Environment=JAVA_HOME=/tmp/soft/jdk1.8.0_211
ExecStart=/tmp/soft/elasticsearch-7.0.0/bin/elasticsearch
[Install]
WantedBy=multi-user.target
10.启动elasticsearch
设置开机启动 systemctl enable elasticsearch
启动elasticsearch systemctl start elasticsearch
查看elasticsearch状态 systemctl status elasticsearch
停止elasticsearch systemctl stop elasticsearch
11.防火墙设置
查看防火墙状态 firewall-cmd --state
关闭防火墙 systemctl stop firewalld.service
禁止防火墙开机启动 systemctl disable firewalld.service
12.验证是否启动成功
执行curl http://127.0.0.1:9200
返回以下信息表示启动成功
{
"name" : "node-1",
"cluster_name" : "demo-cluster",
"cluster_uuid" : "v9x4jEImQQ6ralBh63jVTg",
"version" : {
"number" : "7.0.0",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "b7e28a7",
"build_date" : "2019-04-05T22:55:32.697037Z",
"build_snapshot" : false,
"lucene_version" : "8.0.0",
"minimum_wire_compatibility_version" : "6.7.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
安装elasticsearch head
1.安装依赖
yum install epel-release
yum install nodejs npm
yum install -y git
2.下载elasticsearch-head
git clone git://github.com/mobz/elasticsearch-head.git
3.安装
进入elasticsearch head目录后执行npm install进行安装
4.配置elasticsearch.yml
在elasticsearch.yml配置文件末尾加入以下配置
http.cors.enabled: true
http.cors.allow-origin: "*"
5.修改elasticsearch-head/Gruntfile.js
connect: {
server: {
options: {
port: 9100,
base: ‘.‘,
keepalive: true
}
}
}
修改为
connect: {
server: {
options: {
hostname: ‘0.0.0.0‘,
port: 9100,
base: ‘.‘,
keepalive: true
}
}
}
6.修改elasticsearch-head/_site/app.js
this.base_uri = this.config.base_uri;
修改为
this.base_uri = this.config.base_uri || this.prefs.get("app-base_uri") || "http://172.29.22.151:9200";
注:172.29.22.151:9200为elasticsearch的访问地址
7.启动
后台启动 npm run start &
8.连接elasticsearch
在浏览器输入elasticsearch head的访问地址(我的elasticsearch和elasticsearch head安装在同一台服务器):http://172.29.22.151:9100
在打开的界面是中输入elasticsearch的访问地址:http://172.29.22.151:9200 后点击连接即可连接到elasticsearch
安装kibana
1.下载kibana
地址:https://artifacts.elastic.co/downloads/kibana/kibana-7.0.0-linux-x86_64.tar.gz
2.解压kibana压缩包
tar zxvf kibana-7.0.0-linux-x86_64.tar.gz
3.修改config/kibana.yml
启用以下配置:
# 172.29.22.151为本机IP地址
server.host: "172.29.22.151"
# http://172.29.22.151:9200为elasticsearch服务地址
elasticsearch.hosts: ["http://172.29.22.151:9200"]
4.后台启动kibana
./bin/kibana &
原文地址:https://www.cnblogs.com/xuaa/p/10769759.html