ELK是三个开源软件的缩写,分别表示: Elasticsearch , Logstash, Kibana , 都是开源软件
以下演示windows环境下elk安装
https://www.cnblogs.com/hualess/p/11540477.html
https://blog.csdn.net/weixin_34727238/article/details/81200071
下载地址 Logstash工作流程
注意点: 1、在你本地logstash解压后的文件夹,例如: D:\logstash-7.3.2\logstash-7.3.2\config下解封pipelines.yml文件下面几行注释
- pipeline.id: test pipeline.workers: 1 pipeline.batch.size: 1- pipeline.id: another_test queue.type: persisted path.config: "/tmp/logstash/*.config"
2、启动:在你的logstash文件夹下,打开dos贴入 .\bin\logstash -f D:\logstash-7.3.2\config\logstash-sample.conf
重点来了 如何配置logstash,样例:
input { stdin{ }} filter{}output { stdout{ }}
如果项配置多个input和output怎么办,以tcp、kafka输入es输出为例,找到配置文件logstash-sample.conf,其中type用于梳理管道输入输出一一对应
input { tcp { mode => "server" host => "127.0.0.1" port => 4560 type => "tcp" codec => json_lines }}input { kafka { bootstrap_servers=> "localhost:9092" # group_id =>"es" topics =>"applog" consumer_threads =>1 decorate_events =>true type => "kafka" }}output { if [type] == "tcp"{ elasticsearch { hosts => "127.0.0.1:9200" index => "data_sharing_008" # index => "%{[appname]}" } } if [type] == "kafka"{ elasticsearch { hosts => "127.0.0.1:9200" index => "data_sharing_007" # index => "kafka_%{[appname]}" } }}
京公网安备 11010802041100号