elk 簡介
Elasticsearch是個開源分布式搜索引擎怔匣,它的特點有:分布式,零配置桦沉,自動發(fā)現(xiàn),索引自動分片金闽,索引副本機制纯露,restful風格接口,多數(shù)據(jù)源代芜,自動搜索負載等埠褪。
Logstash是一個完全開源的工具,他可以對你的日志進行收集挤庇、過濾钞速,并將其存儲供以后使用(如,搜索)嫡秕。
Kibana 也是一個開源和免費的工具渴语,它Kibana可以為 Logstash 和 ElasticSearch 提供的日志分析友好的 Web 界面,可以幫助您匯總昆咽、分析和搜索重要數(shù)據(jù)日志驾凶。
有需要的聯(lián)系我2317384986? ? yxxy1717
elk下載地址:https://www.elastic.co/downloads/
建議在 linux上運行牙甫,elk在windows上支持得不好,另外需要jdk1.8 的支持调违,需要提前安裝好jdk.
下載完之后: 安裝窟哺,以logstash為栗子:
cd /usr/local/
mkdir logstash
tar -zxvf logstash-5.3.2.tar.gz
mv logstash-5.3.2 /usr/local/logstash
打開Elasticsearch的配置文件:
vim config/elasticsearch.yml
1
修改配置:
network.host=localhostnetwork.port=9200
1
2
3
它默認就是這個配置技肩,沒有特殊要求且轨,在本地不需要修改。
啟動Elasticsearch
./bin/elasticsearch
1
2
啟動成功虚婿,訪問localhost:9200,網(wǎng)頁顯示:
{? "name" :"56IrTCM",? "cluster_name" :"elasticsearch",? "cluster_uuid" :"e4ja7vS2TIKI1BsggEAa6Q",? "version" :{? ? "number" :"5.2.2",? ? "build_hash" :"f9d9b74",? ? "build_date" :"2017-02-24T17:26:45.835Z",? ? "build_snapshot" :false,? ? "lucene_version" :"6.4.1"},? "tagline" :"You Know, for Search"}
1
2
3
4
5
6
7
8
9
10
11
12
13
在 logstash的主目錄下:
vim config/log4j_to_es.conf
1
2
修改 log4j_to_es.conf 如下:
input {? log4j {? ? mode=>"server"host=>"localhost"port=>4560}}filter {#Onlymatcheddataare sendtooutput.}output {? ? elasticsearch {? ? action=>"index"#TheoperationonES? ? hosts=>"localhost:9200"#ElasticSearchhost, can bearray.index=>"applog"#Theindextowritedatato.}}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
修改完配置后啟動:
./bin/logstash-fconfig/log4j_to_es.conf
1
2
終端顯示如下:
訪問localhost:9600
{"host":"Pc-20130412.local","version":"5.3.2","http_address":"127.0.0.1:9600","id":"e6bb985c-c688-49a4-a55b-4d362bb4136f","name":"Pc-20130412.local","build_date":"2017-04-24T16:32:22Z","build_sha":"242159a5eea55fe213fe5c852d36455e24252c82","build_snapshot":false}
1
2
3
4
證明logstash啟動成功。
到kibana的安裝目錄:
./bin/kibana
1
默認配置即可黄绩。
訪問localhost:5601,網(wǎng)頁顯示:
證明啟動成功玷过。
起步依賴如下:
org.springframework.bootspring-boot-starterorg.springframework.bootspring-boot-starter-loggingorg.springframework.bootspring-boot-starter-log4j1.3.8.RELEASEorg.springframework.bootspring-boot-starter-testtest
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
log4j的配置爽丹,/src/resources/log4j.properties如下:
log4j.rootLogger=INFO,console# for package com.demo.elk, log would be sent to socket appender.log4j.logger.com.forezp=DEBUG, socket# appender socketlog4j.appender.socket=org.apache.log4j.net.SocketAppenderlog4j.appender.socket.Port=4560log4j.appender.socket.RemoteHost=localhostlog4j.appender.socket.layout=org.apache.log4j.PatternLayoutlog4j.appender.socket.layout.ConversionPattern=%d [%-5p] [%l] %m%nlog4j.appender.socket.ReconnectionDelay=10000# appender consolelog4j.appender.console=org.apache.log4j.ConsoleAppenderlog4j.appender.console.target=System.outlog4j.appender.console.layout=org.apache.log4j.PatternLayoutlog4j.appender.console.layout.ConversionPattern=%d [