系统环境:
IP:192.168.0.156
ruby环境准备
yum -y install ruby-devel ruby-libs ruby-rdoc ruby-ri ruby-static ruby-tcltk rubygem-flexmock rubygem-rake rubygems rubygems-devel ruby
JAVA环境变量设置
tar xzf /soft/jdk-8u77-linux-x64.gz -C /usr/local/
vim /etc/profile
#JAVA evn
export JAVA_HOME=/usr/local/jdk1.8.0_77
#export JAVA_HOME=/usr/local/jdk1.7.0_79
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$JAVA_HOME/bin:$PATH
source /etc/profile
java –version
java version "1.8.0_77"
Java(TM) SE Runtime Environment (build 1.8.0_77-b03)
Java HotSpot(TM) 64-Bit Server VM (build 25.77-b03, mixed mode)
logstash
安装
tar xzf logstash-2.3.2.tar.gz -C /uc/
cd /uc/logstash-2.3.2
测试
bin/logstash -e 'input { stdin { } } output { stdout {} }'
配置
vim /uc/conf/sample.conf
input {
file {
path => "/var/log/httpd/access_log"
start_position => beginning
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}
output {
elasticsearch{
hosts => [ "127.0.0.1:9200"]
}
# stdout { codec => json }
stdout { codec => rubydebug }
}
/uc/logstash-2.3.1/bin/logstash -f /uc/conf/sample.conf –t 测试配置文件是否正确
启动
/uc/logstash-2.3.2/bin/logstash -f /uc/conf/sample.conf &
elasticsearch
安装
tar xzf /soft/ELK/elasticsearch-2.3.3.tar.gz -C /uc/
groupadd elastic
useradd -g elastic search
chown -R search.elastic /uc/elasticsearch-2.3.3/
启动
su – search
启动 pid是一个文件,用于文件关闭elasticsearch程序
touch /uc/pid
/uc/elasticsearch-2.3.3/bin/elasticsearch -p /uc/pid &
关闭
kill -9 `cat /uc/pid/`
配置
vim /uc/elasticsearch-2.3.3/config/elasticsearch.yml
cluster.name: sanm
node.name: node-1
network.host: 127.0.0.1
http.port: 9200
kibana
安装
tar xzf /soft/ELK/kibana-4.5.1-linux-x64.tar.gz -C /uc/
cd /uc/kibana-4.5.1-linux-x64/
配置
vim /uc/kibana-4.5.1-linux-x64/config/kibana.yml
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: http://127.0.0.1:9200
kibana.defaultAppId: "discover"
启动
/uc/kibana-4.5.1-linux-x64/bin/kibana &