ELK server
Operating system version: CentOS 7.5
IP address: 192.168.23.142
1. Install JDK 1.8
Download URL
http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
rpm -ivh /tmp/jdk-8u172-linux-x64.rpm
java -version
2. Install Elasticsearch
groupadd elasticsearch
useradd elasticsearch -g elasticsearch
cd /opt/
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.tar.gz
tar -zxvf elasticsearch-6.2.4.tar.gz
chown -R elasticsearch.elasticsearch /opt/elasticsearch-6.2.4
Start Elasticsearch
su elasticsearch
cd /opt/elasticsearch-6.2.4
bin/elasticsearch -d
curl -XGET '127.0.0.1:9200'
3. Install Logstash
cd /opt/
wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.4.tar.gz
tar -zxvf logstash-6.2.4.tar.gz
vim /opt/logstash-6.2.4/default.conf
input {
  beats {
    port => "5044"
  }
}
filter {
  grok {
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }
  geoip {
    source => "clientip"
  }
}
output {
  elasticsearch {
    hosts => ["127.0.0.1:9200"]
  }
}
Start Logstash
cd /opt/logstash-6.2.4
nohup bin/logstash -f default.conf --config.reload.automatic &
4. Install Kibana
cd /opt/
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.2.4-linux-x86_64.tar.gz
tar -zxvf kibana-6.2.4-linux-x86_64.tar.gz
vim /opt/kibana-6.2.4-linux-x86_64/config/kibana.yml
Change it to
Start Kibana
cd /opt/kibana-6.2.4-linux-x86_64/
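nohup bin/kibana &
5. http://192.168.23.142:5601/
Wait for the services to finish starting; how long this takes depends on the ELK server's hardware.
Then open http://192.168.23.142:5601/ in a browser.
At this point, the ELK deployment is complete.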
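
A post-install check, added here as an example (not part of the original guide): it reports which of the ports used above (9200 for Elasticsearch, 5044 for the Logstash beats input, 5601 for Kibana) are listening on an address other than loopback, and so accept connections from other hosts. The function names and the sample `ss -ltn` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ELK listeners from this guide that are bound beyond loopback.
# Reads `ss -ltn` output on stdin; prints "<port> <address>" per exposed listener.
exposed_elk_ports() {
    awk -v ports="9200 5044 5601" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
            gsub(/\[|\]/, "", addr)                # newer ss prints [::]:5044
            if (!(port in want)) next
            # Loopback forms, including the IPv4-mapped one Java sockets show
            if (addr == "127.0.0.1" || addr == "::1" || addr == "::ffff:127.0.0.1") next
            print port, addr
        }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port      Peer Address:Port
LISTEN 0      128    ::ffff:127.0.0.1:9200   :::*
LISTEN 0      128    ::1:9200                :::*
LISTEN 0      128    :::5044                 :::*
LISTEN 0      128    192.168.23.142:5601     *:*
LISTEN 0      128    *:22                    *:*
EOF
}

# On the ELK host run with --live; without it the constructed sample is used.
if [ "${1:-}" = "--live" ]; then
    ss -ltn | exposed_elk_ports
else
    sample_ss_output | exposed_elk_ports
fi
```

Any port the script prints should be covered by a firewall rule that limits it to the hosts that need it (the Beats shippers for 5044, administrators' workstations for 5601).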