欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

Ubuntu 16.04 搭建 ELK

程序员文章站 2023-09-07 18:43:58
1、安装Java JDK 2、安装Elasticsearch 1、导入Elasticsearch的GPG公钥 2、添加Elasticsearch仓库源 3、安装elasticsearch 4、安装完成之后,配置Elasticsearch 5、启动Elasticsearch服务并加入开机自启 3、安装 ......

1、安装java jdk

sudo apt-get install default-jdk

2、安装elasticsearch

1、导入elasticsearch的gpg公钥

 wget -qo - https://packages.elastic.co/gpg-key-elasticsearch | sudo apt-key add -

2、添加elasticsearch仓库源

 echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list

3、安装elasticsearch

sudo apt-get update
sudo apt-get install elasticsearch

4、安装完成之后,配置elasticsearch

sudo vim /etc/elasticsearch/elasticsearch.yml
network.host: localhost       取消下面一行注释,并把值替换为localhost:

5、启动elasticsearch服务并加入开机自启

sudo systemctl start elasticsearch
sudo systemctl enbale elasticsearch

3、安装kibana

1、添加kibana仓库

echo "deb http://packages.elastic.co/kibana/4.5/debian stable main" | sudo tee -a /etc/apt/sources.list

2、安装kibana

sudo apt-get update
sudo apt-get install kibana

3、配置kinbana

sudo vim /opt/kibana/config/kibana.yml
server.host: "localhost"            把值改为localhost

4、启动kinbana服务并加入开机自启

sudo systemctl start kinbana
sudo systemctl enbale kinbana

4、安装nginx

sudo apt-get install nginx

1、启动nginx并加入开机自启

sudo systemctl start nginx
sudo systemctl enable nginx

2、使用openssl创建一个管理员(admin)

按照提示创建用户和密码,用来登陆kinbana web

sudo -v
echo "admin:`openssl passwd -apr1`" | sudo tee -a /etc/nginx/htpasswd.users

3、修改nginx配置文件

 sudo vim /etc/nginx/conf.d/elk.conf
 server {
    listen 80;
 
    server_name your_domain_or_ip;           填写你的ip或者域名     
 
    auth_basic "restricted access";
    auth_basic_user_file /etc/nginx/htpasswd.users;
 
    location / {
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header upgrade $http_upgrade;
        proxy_set_header connection 'upgrade';
        proxy_set_header host $host;
        proxy_cache_bypass $http_upgrade;        
    }
}

4、检查nginx配置语法

ok的话就重启nginx

nginx -t
sudo systemctl restart nginx

5、安装logstash

1、添加logstash软件源

echo "deb http://packages.elastic.co/logstash/2.3/debian stable main" | sudo tee -a /etc/apt/sources.list

2、安装logstash

sudo apt-get update
sudo apt-get install logstash

3、设置接收的日志格式及类型,创建配置文件

sudo vim /etc/logstash/conf.d/30-elasticsearch-output.conf
output {
  elasticsearch {
    hosts => ["localhost:9200"]
    sniffing => true
    manage_template => false
    index => "%{[@metadata][beat]}-%{+yyyy.mm.dd}"
    document_type => "%{[@metadata][type]}"
  }
}

6、安装filebeat

1、添加filebeat源和key

echo "deb https://packages.elastic.co/beats/apt stable main" |  sudo tee -a /etc/apt/sources.list.d/beats.list
wget -qo - https://packages.elastic.co/gpg-key-elasticsearch | sudo apt-key add -

2、安装filebeat

sudo apt-get update
sudo apt-get install filebeat

3、启动filebeat并加入开机自启

sudo systemctl start filebeat
sudo systemctl enable filebeat

7、登陆web端添加索引

索引名称填写为  filebeat-*

Ubuntu 16.04 搭建 ELK