安装java环境
添加用户和用户组: groupadd elastic useradd -g elastic elastic
rpm –import https://artifacts.elastic.co/GPG-KEY-elasticsearch
vim /etc/yum.repos.d/elasticsearch.repo [elasticsearch-5.x] name=Elasticsearch repository for 5.x packages baseurl=https://artifacts.elastic.co/packages/5.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md
yum install -y elasticsearch
mkdir -p /data/esdata chown -R elastic:elastic /data/esdata/ chown -R elastic:elastic /var/log/elasticsearch/
logstash的数据流了解一下 input | decode | filter | encode | output
bin/logstash -e ‘input{stdin{}}output{stdout{}}’
bin/logstash -e ‘input{stdin{}}output{stdout{codec=>rubydebug}}’
codec=>rubydebug rubydebug就是codec的一种编码格式,方便我们测试和调试,美化输出 Logstash会从标准输入中获得数据,仅在数据中添加一些简单字段后将其输出到标准输出
我们也可以把codec设置成json格式,json_lines bin/logstash -e ‘input{stdin{}}output{stdout{codec=>json_lines}}’
验证配置: ./bin/logstash -f first-pipeline.conf –config.test_and_exit 报错: The error reported is: Couldn’t find any input plugin named ‘beats’. Are you sure this is correct? Trying to load the beats input plugin resulted in this error: no such file to load – logstash/inputs/beats 处理办法: bin/logstash-plugin list bin/logstash-plugin install logstash-input-beats
启动命令: ./bin/logstash -f first-pipeline.conf –config.reload.automatic –config.reload.automatic选项启用动态重载配置的功能
参考链接:https://cloud.tencent.com/developer/article/1353068
|
|