EFK收集NGINX线程

  • NGINX(192.168.132.7)参考
    59. 创建nginx的topic ./bin/kafka-topics.sh --create --zookeeper 192.168.132.24:2181 --replication-factor 2 --partitions 3 --topic nginx
    60. yum -y install epel-release
    61. yum -y install nginx
    62. systemctl start nginx
    63. tailf /var/log/nginx/access.log AB压测工具(yum -y install httpd-tools 192.168.132.17)
    64. ab -n 100 -c 100 http://192.168.132.7/index.html

    配置filebeat文件(192.168.132.7)

    1. vim /etc/filebeat/filebeat.yml
    2. EFK收集NGINX线程
      filebeat.inputs:
    • type: log enabled: true paths:
      • /var/log/messages fields:
        log_topics: msg
    • type: log enabled: true paths:
      • /var/log/nginx/access.log fields:
        log_topics: nginx

    output.kafka: enabled: true # Array of hosts to connect to.
    hosts:
    [“192.168.141.130:9202”,“192.168.141.146:9202”,“192.168.141.147:9092”]
    #topic: msg topic: ‘%{[fields][log_topics]}’
    67. systemctl restart filebeat
    68. tailf /var/log/filebeat/filebeat
    69. EFK收集NGINX线程 安装包查看
    70. ctrl c
    71. ./filebeat -c filebeat.yml -e

    消费(192.168.132.17)
    1…/bin/kafka-console-consumer.sh –bootstrap-server 192.168.132.7:9092 –topic nginx –from-beginning EFK收集NGINX线程

    配置elasticsearch(192.168.132.17)

    1. systemctl restart elasticsearch logstash(192.168.132.7)
    2. vim /etc/logstash/conf.d/nginx.conf
    3. EFK收集NGINX线程
    4. 配置管道 vim pipelines.yml
    5. EFK收集NGINX线程
    6. systemctl restart logstash
    7. ss -ntlp | grep 9600
    8. tailf /var/log/logstash/logstash-plain.log
    9. EFK收集NGINX线程 压测(192.168.132.17)
    10. ab -n 100 -c 100 http://192.168.132.7/index.html EFK收集NGINX线程
      查看索引(192.168.132.17)
    11. curl -X GET http://192.168.132.17:9200/_cat/indices?v
    12. EFK收集NGINX线程 配置LOGSTASH过滤模块(正则匹配)192.168.132.7
    13. cd /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-patterns-core-4.1.2/patterns
    14. vim nginx_access
    15. URIPARAM1 [A-Za-z0-9$.+!’|(){},[email protected]#%&/=:;_?-[]]
    16. NGINXACCESS %{IPORHOST:client_ip} (%{USER:ident}|- ) (%{USER:auth}|-) [%{HTTPDATE:timestamp}] “(?:%{WORD:verb}
      (%{NOTSPACE:request}|-)(?: HTTP/%{NUMBER:http_version})?|-)”
      %{NUMBER:status} (?:%{NUMBER:bytes}|-) “(?:%{URI:referrer}|-)”
      “%{GREEDYDATA:agent}”
    17. logstash grok 内置正则:https://github.com/logstash-plugins/logstash-patterns-core/blob/master/patterns/grok-patterns
    18. vim /etc/logstash/conf.d/nginx.conf
    19. EFK收集NGINX线程
      input {
      kafka {
      bootstrap_servers => [“192.168.141.130:9092,192.168.141.146:9092,192.168.141.147:9092”]
      group_id => “logstash”
      topics => “nginx”
      consumer_threads => 5
      } } filter {
      json {
      source => “message”
      }
      mutate {
      remove_field => ["@version",“fields”,“prospector”,“source”,“host”,“beat”,“input”,“offset”,“log”]
      }
      grok {
      match => { “message” => “%{NGINXACCESS}” }
      } } output {
      elasticsearch {
      hosts => “192.168.141.146:9200”
      index => “nginx-%{+YYYY.MM.dd}”
      } }
    20. systemctl restart logstash
    21. ss -ntlp | grep 9600
    22. tailf /var/log/logstash/logstash-plain.log
    23. 删除原来的索引添加新索引
    24. ab -n 100 -c 100 http://192.168.132.17/index.html
    25. EFK收集NGINX线程
    26. curl -X GET http://192.168.132.17:9200/_cat/indices?v
    27. EFK收集NGINX线程
    28. EFK收集NGINX线程
    29. EFK收集NGINX线程

相关文章:

  • 2021-10-16
  • 2022-01-23
  • 2022-12-23
  • 2022-03-09
  • 2021-08-07
  • 2022-12-23
  • 2022-12-23
  • 2022-02-11
猜你喜欢
  • 2021-11-07
  • 2022-12-23
  • 2021-07-12
  • 2021-09-21
  • 2021-06-07
  • 2021-04-22
  • 2022-02-11
相关资源
相似解决方案
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode