安装elasticsearch 6.0.0
1.下载和配置相应的elasticsearch文件
# 进入到 cd
/opt 下
wget https
://artifacts
.elastic
.co
/downloads
/elasticsearch
/elasticsearch
-6.0.0.zip
unzip elasticsearch
-6.0.0.zip
cd elasticsearch
-6.0.0/
2.添加普通用户
# 在linux环境中
,elasticsearch不允许以root权限运行
,这里创建一个elk用户
groupadd elk # 创建用户组elk
useradd elk
-g elk
-s
/bin
/bash # 创建新用户elk,
-g elk 设置其用户组为 elk,
-p elk 设置其密码为elk
chown
-R elk
.elk
/opt # 更改
/opt 文件夹及内部文件的所属用户及组为 elk
:elk
# vim config
/elasticsearch
.yml
network
.host
: 0.0.0.0
http
.port
: 9200
path
.logs
: /opt
/elasticsearch
-6.0.0/logs
path
.data
: /opt
/elasticsearch
-6.0.0/data
action
.destructive_requires_name
: true
# 允许跨域访问
http
.cors
.enabled
: true
http
.cors
.allow
-origin
: "*"
3.修改分配的jvm空间大小,修改系统配置,启动服务
参考我之前写的 centos7安装elasticsearch-7.0.1伪集群
安装logstash 6.0.0
1.下载和配置相应的logstash 文件
# 进入到opt目录下 cd
/opt
wget https
://artifacts
.elastic
.co
/downloads
/logstash
/logstash
-6.0.0.tar
.gz
tar
-xzvf logstash
-6.0.0.tar
.gz
# 进入到logstash
-6.0.0 目录下 cd
/opt
/logstash
-6.0.0
# 新建一个配置文件
touch config
/python
-logstash
.conf
# 编辑配置文件
vim config
/python
-logstash
.conf
# 配置文件的内容如下
input
{
udp
{
port
=> 5959 #udp的端口
codec
=> json#输入的格式为json格式
}
}
# 过滤字段
filter
{
mutate
{
remove_field
=> ["@version"]
remove_field
=> ["@timestamp"]
}
}
output
{
elasticsearch
{
hosts
=> ["192.168.18.133:9200"] #es的地址
index
=> "python-message-%{+YYYY.MM.dd}" #存入到es的索引名
}
stdout
{
codec
=> rubydebug
#codec
=> json
}
# 输出到kafka
kafka
{
codec
=> json
topic_id
=> "mytopic" # 组的id
bootstrap_servers
=> "10.211.55.3:29092" # kafka所在的ip
:port
}
}
2.下载和配置相应的logstash 文件
# 检查配置文件是否正确
/opt
/logstash
-6.0.0/bin
/logstash
-t
-f
/opt
/logstash
-6.0.0/config
/python
-logstash
.conf
启动:
/opt
/logstash
-6.0.0/bin
/logstash
-f
/opt
/logstash
-6.0.0/config
/python
-logstash
.conf
加载本文件夹所有配置文件启动:
/opt
/logstash
-6.0.0/bin
/logstash
-f
/opt
/logstash
-6.0.0/config
/python
-logstash
.conf
或后台启动:
nohup
/opt
/logstash
-6.0.0/bin
/logstash
-f config
/python
-logstash
.conf
&
安装kibana
# 进入到opt目录 cd
/opt
wget https
://artifacts
.elastic
.co
/downloads
/kibana
/kibana
-6.0.0-x86_64
.rpm
yum install
-y kibana
-6.0.0-x86_64
.rpm
# 修改配置文件
vim
/etc
/kibana
/kibana
.yml
server
.port
: 5601
# server
.host
: "0.0.0.0"
server
.host
: "10.211.55.3"
elasticsearch
.url
: "http://10.211.55.3:9200"
#
.启动服务
systemctl enable kibana
systemctl start kibana
#
.验证
ss
-antlup
| grep
5601
#
-*- coding
: utf
-8 -*-
# @Time
: 2019/3/18 9:45
# @Author
:
"""
"""
import logging
import logstash
import sys
class Logstash(object
):
def
__init__(self
, host
='192.168.18.133', console_name
='article', port
=5959, version
=1):
# 输出的日志的名称
self
.host
= host
self
.console_name
= console_name
self
.port
= port
self
.version
= version
self
.spider_logger
= self
.init()
def
init(self
):
spider_logger
= logging
.getLogger(self
.console_name
)
spider_logger
.setLevel(logging
.INFO)
spider_logger
.addHandler(logstash
.LogstashHandler(self
.host
, self
.port
, version
=self
.version
))
return spider_logger
def
level(self
,message
='', level
='info'):
"""设置日志等级"""
if not message
:
raise
Exception("please input your message")
if level
== 'error':
self
.spider_logger
.error(message
)
elif level
== 'info':
self
.spider_logger
.info(message
)
else:
self
.spider_logger
.warning(message
)
def
extra(self
, extra
=None
):
"""额外输出信息"""
# add extra field to logstash message
if not extra
:
extra
= {
'test_string': 'python version: ' + repr(sys
.version_info
),
'test_boolean': True
,
'test_dict': {'a': 1, 'b': 'c'},
'test_float': 1.23,
'test_integer': 123,
'test_list': [1, 2, '3'],
}
self
.spider_logger
.info('python-logstash: test extra fields', extra
=extra
)
if __name__
== '__main__':
lgs
= Logstash()
lgs
.level(message
='hello')
在kibana中 在logstash中 参考 https://www.jianshu.com/p/cb510f55e318 参考 https://www.jianshu.com/p/1bffca69ac1a 参考 https://blog.51cto.com/kexiaoke/1952969 参考 https://www.cnblogs.com/lovelinux199075/p/9101631.html
