1、Nginx 日志收集,先安装Nginx
cd /usr/local/logstash/config/etc/,创建如下配置文件,代码如下
Nginx.conf
input { file { type =>"nginx-access" path =>"/usr/local/nginx/logs/access.log" } } output { redis { host =>"localhost" port => 6379 data_type =>"list" key =>"logstash" } } # 如果有redis可以如上添加 没有如下添加 output { elasticsearch { hosts=>"192.168.0.111" #ES服务器IP地址 } }
启动nginx 和Nginx.conf
nohup /usr/local/logstash/bin/logstash -f Nginx.conf &
/usr/local/nginx/sbin/nginx
访问Web页面nginx,在es和kibana上都可以查看到系统日志
2、ELK收集Tomcat日志实战
先安装好tomcat并启动 然后cd /usr/local/logstash/config/etc/,创建如下配置文件,代码如下:
Tomcat.conf
input { file { type =>"tomcat-access" path =>"/usr/local/tomcat/logs/catalina.out" } } output { redis { host =>"localhost" port => 6379 data_type =>"list" key =>"logstash" } } output { elasticsearch { hosts=>"192.168.0.111" } }
启动 nohup /usr/local/logstash/bin/logstash -f Tomcat.conf &
查看kibana 和elasticsearch-head查看日志
