https:github.comelasticbeats-dashboards一、介绍filebeat貌似功能笔logstash更好,是下一代的日志收集器。topbeat定期收集系统信息如每个
https://github.com/elastic/beats-dashboards
一、介绍
filebeat貌似功能笔logstash更好,是下一代的日志收集器。
topbeat定期收集系统信息如每个进程信息、负载、内存、磁盘等等,然后将数据发送到elasticsearch进行索引。
packetbeat可以分析某个时间段mysql或者mongodb的慢查询日志情况;还有I/O吞吐量;这个时间段内经常执行的查询语句,http访问情况等信息;然后将分析出来的结果以图表的形式展现出来。
二、需要的beats包
filebeat-1.2.3-x86_64.rpm
topbeat-1.2.2-x86_64.rpm
packetbeat-1.2.2-x86_64.rpm
三、安装beats
1、安装filebeat
[root@ossec-server ~]# rpm -ivh filebeat-1.2.3-x86_64.rpm
warning: filebeat-1.2.3-x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID d88e42b4: NOKEY
Preparing... ########################################### [100%]
1:filebeat ########################################### [100%]
[root@ossec-server ~]# curl -XPUT 'http://localhost:9200/_template/filebeat?pretty' -d@/etc/filebeat/filebeat.template.json
{
"acknowledged" : true
}
[root@ossec-server ~]# /etc/init.d/filebeat start
Stopping filebeat: [FAILED]
Starting filebeat: [ OK ]
2、安装topbeat
[root@ossec-server ~]# rpm -ivh topbeat-1.2.2-x86_64.rpm
Preparing... ########################################### [100%]
package topbeat-1.2.2-1.x86_64 is already installed
[root@ossec-server ~]# curl -XPUT 'http://localhost:9200/_template/topbeat' -d@/etc/topbeat/topbeat.template.json
{"acknowledged":true}
[root@ossec-server ~]# /etc/init.d/topbeat start
3、安装packetbeat
[root@ossec-server ~]# rpm -ivh packetbeat-1.2.2-x86_64.rpm
Preparing... ########################################### [100%]
package packetbeat-1.2.2-1.x86_64 is already installed
[root@ossec-server ~]# curl -XPUT 'http://localhost:9200/_template/packetbeat' -d@/etc/packetbeat/packetbeat.template.json
{"acknowledged":true}
[root@ossec-server ~]# /etc/init.d/topbeat start
Starting topbeat: [ OK ]
4、安装dashboards
[root@ossec-server ~]# git clone https://github.com/elastic/beats-dashboards.git
Initialized empty Git repository in /root/beats-dashboards/.git/
remote: Counting objects: 1303, done.
remote: Total 1303 (delta 0), reused 0 (delta 0), pack-reused 1303
Receiving objects: 100% (1303/1303), 2.75 MiB | 152 KiB/s, done.
Resolving deltas: 100% (892/892), done.
[root@ossec-server ~]# cd beats-dashboards
[root@ossec-server beats-dashboards]# sh load.sh -url http://localhost:9200
Loading dashboards to http://localhost:9200 in .kibana
{"error":"IndexAlreadyExistsException[[.kibana] already exists]","status":400}{"acknowledged":true}Loading search Cache-transactions:
{"_index":".kibana","_type":"search","_id":"Cache-transactions","_version":1,"created":true}
Loading search DB-transactions:
{"_index":".kibana","_type":"search","_id":"DB-transactions","_version":1,"created":true}
Loading search Default-Search:
{"_index":".kibana","_type":"search","_id":"Default-Search","_version":1,"created":true}
Loading search Filesystem-stats:
{"_index":".kibana","_type":"search","_id":"Filesystem-stats","_version":1,"created":true}
Loading search HTTP-errors:
{"_index":".kibana","_type":"search","_id":"HTTP-errors","_version":1,"created":true}
Loading search MongoDB-errors:
{"_index":".kibana","_type":"search","_id":"MongoDB-errors","_version":1,"created":true}
Loading search MongoDB-transactions:
{"_index":".kibana","_type":"search","_id":"MongoDB-transactions","_version":1,"created":true}
Loading search MongoDB-transactions-with-write-concern-0:
{"_index":".kibana","_type":"search","_id":"MongoDB-transactions-with-write-concern-0","_version":1,"created":true}
5、添加beats索引