sudo apt-get install default-jdk
wget -qo - https://packages.elastic.co/gpg-key-elasticsearch | sudo apt-key add -
echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
sudo apt-get update sudo apt-get install elasticsearch
sudo vim /etc/elasticsearch/elasticsearch.yml network.host: localhost 取消下面一行注释,并把值替换为localhost:
sudo systemctl start elasticsearch sudo systemctl enbale elasticsearch
echo "deb http://packages.elastic.co/kibana/4.5/debian stable main" | sudo tee -a /etc/apt/sources.list
sudo apt-get update sudo apt-get install kibana
sudo vim /opt/kibana/config/kibana.yml server.host: "localhost" 把值改为localhost
sudo systemctl start kinbana sudo systemctl enbale kinbana
sudo apt-get install nginx
sudo systemctl start nginx sudo systemctl enable nginx
按照提示创建用户和密码,用来登陆kinbana web
sudo -v echo "admin:`openssl passwd -apr1`" | sudo tee -a /etc/nginx/htpasswd.users
sudo vim /etc/nginx/conf.d/elk.conf server { listen 80; server_name your_domain_or_ip; 填写你的ip或者域名 auth_basic "restricted access"; auth_basic_user_file /etc/nginx/htpasswd.users; location / { proxy_pass http://localhost:5601; proxy_http_version 1.1; proxy_set_header upgrade $http_upgrade; proxy_set_header connection 'upgrade'; proxy_set_header host $host; proxy_cache_bypass $http_upgrade; } }
ok的话就重启nginx
nginx -t sudo systemctl restart nginx
echo "deb http://packages.elastic.co/logstash/2.3/debian stable main" | sudo tee -a /etc/apt/sources.list
sudo apt-get update sudo apt-get install logstash
sudo vim /etc/logstash/conf.d/30-elasticsearch-output.conf output { elasticsearch { hosts => ["localhost:9200"] sniffing => true manage_template => false index => "%{[@metadata][beat]}-%{+yyyy.mm.dd}" document_type => "%{[@metadata][type]}" } }
echo "deb https://packages.elastic.co/beats/apt stable main" | sudo tee -a /etc/apt/sources.list.d/beats.list wget -qo - https://packages.elastic.co/gpg-key-elasticsearch | sudo apt-key add -
sudo apt-get update sudo apt-get install filebeat
sudo systemctl start filebeat sudo systemctl enable filebeat
索引名称填写为 filebeat-*
如对本文有疑问, 点击进行留言回复!!
linux下文本编辑器vim的使用方法(复制、粘贴、替换、行号、撤销、多文件操作)
网友评论