Author: 小啊小刺猬0801_302 | Source: Internet | 2023-08-27 12:30
What is ELK
ELK is an acronym for three open-source projects:
Elasticsearch, Logstash and Kibana.
The following demonstrates installing ELK on Windows.
Elasticsearch installation
https://www.cnblogs.com/hualess/p/11540477.html
Kibana installation
https://blog.csdn.net/weixin_34727238/article/details/81200071
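Logstash installation
Download link
Logstash workflow
Notes:
1. In the folder where you extracted Logstash locally, for example D:\logstash-7.3.2\logstash-7.3.2\config, uncomment the following lines in the pipelines.yml file: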
    - pipeline.id: test
      pipeline.workers: 1
      pipeline.batch.size: 1
    - pipeline.id: another_test
      queue.type: persisted
      path.config: "/tmp/logstash/*.config"
2. Start-up: in your Logstash folder, open a command prompt (DOS window) and paste in:
.\bin\logstash -f D:\logstash-7.3.2\config\logstash-sample.conf
Now for the key part
How to configure Logstash. A sample:
    input {
      stdin {
      }
    }
    filter {
    }
    output {
      stdout {
      }
    }
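What if you want to configure multiple inputs and outputs? Taking TCP and Kafka inputs with Elasticsearch output as an example: find the configuration file logstash-sample.conf and edit it as below. The type field is used to pair each pipeline input with its corresponding output, one to one.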
    # TCP input: listens on the loopback interface only and expects
    # newline-delimited JSON events
    input {
      tcp {
        mode => "server"
        host => "127.0.0.1"
        port => 4560
        type => "tcp"
        codec => json_lines
      }
    }
    # Kafka input: consumes the "applog" topic
    input {
      kafka {
        bootstrap_servers => "localhost:9092"
        # group_id => "es"
        topics => "applog"
        consumer_threads => 1
        decorate_events => true
        type => "kafka"
      }
    }
    # Route each event to its own index according to the type set by its input
    output {
      if [type] == "tcp" {
        elasticsearch {
          hosts => "127.0.0.1:9200"
          index => "data_sharing_008"
          # index => "%{[appname]}"
        }
      }
      if [type] == "kafka" {
        elasticsearch {
          hosts => "127.0.0.1:9200"
          index => "data_sharing_007"
          # index => "kafka_%{[appname]}"
        }
      }
    }
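Because the outputs above are selected only by `if [type] == "..."`, an input whose type has no matching branch reaches no output at all, and its events are silently lost. The following check is an added example, not part of the original post or of Logstash: the function names and the sample config (the page's two inputs plus a constructed `beats` input) are assumptions, and it only understands the simple `type => "..."` / `if [type] == "..."` form used on this page (no `else`, no `#` inside strings).

```python
import re

# Constructed sample: the page's tcp and kafka inputs plus an unmatched "beats" input.
SAMPLE_CONF = '''
input { tcp { port => 4560 type => "tcp" codec => json_lines } }
input { kafka { topics => "applog" type => "kafka" } }
input { beats { port => 5044 type => "beats" } }
output {
  if [type] == "tcp" { elasticsearch { hosts => "127.0.0.1:9200" index => "data_sharing_008" } }
  # if [type] == "beats" { stdout { } }   <- commented out, so it must not count
  if [type] == "kafka" { elasticsearch { hosts => "127.0.0.1:9200" index => "data_sharing_007" } }
}
'''

def sections(conf, name):
    """Yield the body of every `name { ... }` section that starts a line."""
    text = re.sub(r'(?m)#.*$', '', conf)           # drop comments first
    for m in re.finditer(r'(?m)^\s*%s\s*\{' % name, text):
        depth, i = 1, m.end()
        while i < len(text) and depth:             # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def check_type_routing(conf):
    """Compare types declared by inputs with types tested in output conditionals."""
    declared, routed = set(), set()
    for body in sections(conf, 'input'):
        declared.update(re.findall(r'\btype\s*=>\s*"([^"]+)"', body))
    for body in sections(conf, 'output'):
        routed.update(re.findall(r'\[type\]\s*==\s*"([^"]+)"', body))
    return {
        'unrouted_inputs': sorted(declared - routed),  # events from these are dropped
        'dead_branches': sorted(routed - declared),    # branches no input can reach
    }

if __name__ == '__main__':
    print(check_type_routing(SAMPLE_CONF))
```
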