一、下载地址
官网地址:https://www.elastic.co/cn/downloads/past-releases#logstash
注:ElasticSearch+Logstash+Kibana 三个版本号必须保持一致
前面文章已经介绍如何安装ElasticSearch:https://www.cnblogs.com/sportsky/p/16057247.html
二、环境搭建
1、下载logstash
2、文件上传到linux 并解压
|
1 2 |
--<span style="color: rgba(0, 0, 0, 1);"> 解压 tar </span>-zxvf logstash-<span style="color: rgba(128, 0, 128, 1);">7.0</span>.<span style="color: rgba(128, 0, 128, 1);">0</span>.tar.gz |
3、修改config目录下的配置文件logstash-sample.conf
|
1 |
vi config/logstash-sample.conf |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
<span style="color: rgba(0, 0, 0, 1);">input { file { #收集日志路径 path </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">/data/logs/webui/*.log</span><span style="color: rgba(128, 0, 0, 1);">" <span style="color: rgba(0, 0, 0, 1);"> #文件的开始</span></span><span style="color: rgba(0, 0, 0, 1);"> start_position </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">beginning</span><span style="color: rgba(128, 0, 0, 1);">" </span><span style="color: rgba(0, 0, 0, 1);"> #服务名称 type </span>=><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">application-webui-log</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> } file { path </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">/data/logs/webapi/*.log</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> start_position </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">beginning</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> type </span>=><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">application-webapi-log</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> } } output { </span><span style="color: rgba(0, 0, 255, 1);">if</span> [type] == <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">application-webui-log</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> { elasticsearch { #elasticsearch服务地址和端口 hosts </span>=> [<span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">http://localhost:9200</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);">] #根据每天创建索引 默认doc index </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">webui-%{+YYYY.MM.dd}</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> #user </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">elastic</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> #password </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">changeme</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> } } </span><span style="color: rgba(0, 0, 255, 1);">if</span> [type] == <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">application-webapi-log</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> { elasticsearch { hosts </span>=> [<span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">http://localhost:9200</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);">] index </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">webapi-%{+YYYY.MM.dd}</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> #user </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">elastic</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> #password </span>=> <span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">changeme</span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(0, 0, 0, 1);"> } } }</span> |
4、创建目录文件并写入日志数据
|
1 2 3 4 5 6 7 8 9 10 |
---<span style="color: rgba(0, 0, 0, 1);"> 这里只是模拟读取生成日志文件 # 创建日志目录 mkdir </span>/data/logs/<span style="color: rgba(0, 0, 0, 1);">webui mkdir </span>/data/logs/<span style="color: rgba(0, 0, 0, 1);">webapi #向目录写入日志 echo </span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">2022-04-18 22:22:30|webui日志</span><span style="color: rgba(128, 0, 0, 1);">"</span> >>/data/logs/webui/<span style="color: rgba(128, 0, 128, 1);">2022</span>-<span style="color: rgba(128, 0, 128, 1);">04</span>-<span style="color: rgba(128, 0, 128, 1);">18</span><span style="color: rgba(0, 0, 0, 1);">.log echo </span><span style="color: rgba(128, 0, 0, 1);">"</span><span style="color: rgba(128, 0, 0, 1);">2022-04-18 22:22:30|webapi日志</span><span style="color: rgba(128, 0, 0, 1);">"</span> >>/data/logs/webapi/<span style="color: rgba(128, 0, 128, 1);">2022</span>-<span style="color: rgba(128, 0, 128, 1);">04</span>-<span style="color: rgba(128, 0, 128, 1);">18</span>.log |
5、启动并加载配置文件(这里已配置ouput,所以先启动elasticsearch服务)
|
1 2 |
<span style="color: rgba(0, 0, 0, 1);">#进入bin目录 .</span>/logstash -f ../config/logstash-sample.conf |
6、后台启动
|
1 2 |
<span style="color: rgba(0, 0, 0, 1);">#进入bin目录 .</span>/logstash -f ../config/logstash-sample.conf & |
此时日志文件已经被收集存储到es
下篇文章将介绍部署可视化Kibana ,即可在页面上查看被存储的日志文件和数据