logstash+kibana3搭建

之前玩过一段时间的logstash+kibana3,还有elasticsearch。但是困于libana安装环境的复杂,自从kibana3出来之后就方便了很多,对于logstash的版本也会有一些问题。

logstash


yum install java-1.6.0*
wget https://download.elasticsearch.org/logstash/logstash/logstash-1.2.1-flatjar.jar
mkdir -p /usr/local/bin/logstash/
mkdir -p /etc/logstash/
cd /usr/local/bin/logstash/ && ln -s ./logstash-1.2.1-flatjar.jar ./logstash.jar

编辑logstash的配置文件
vim /etc/logstash/mylogstash.conf

input {
      file {
      type => "linux-syslog"
      path => [ "/var/log/messages" ]
   }
   file {
      type => "nginx-access"
      path => "/home/logs/*.log"
   }
   udp {
      type => "access_log"
      port => 3333
   }
}
output {
   stdout {
      debug => true
      debug_format ==>> json
   }
   elasticsearch {
      embedded => true
   }
}

logstash可以支持很多的输入输出,具体的可以查看http://logstash.net/docs/1.2.1/,启动logstash比较慢。
java -jar /usr/local/bin/logstash/logstash-1.2.1-flatjar.jar agent -f /etc/logstash/mylogstash.conf 

kibana3安装


wget https://download.elasticsearch.org/kibana/kibana/kibana-latest.zip
unzip kibana-latest.zip
mkdir -p /var/www/logstash/
mv kibana-latest/* /var/www/logstash/
cd /var/www/logstash/app/dashboards
mv logstash.json default.json

还得配置/var/www/logstash/config.js对接elasticsearch接口,指向本地IP,端口是9200。
上面的/var/www/logstash/就是你的web目录。下面是几张kibana的搭建好后的图片。
kibana2

kibana3

kibana4

标签:Linux, Logstash

评论已关闭