iT邦幫忙

2021 iThome 鐵人賽

DAY 2
1

接下來我們會直接在mac環境上,使用brew來安裝elk,下面就始安裝系統。

Install Elasticsearch

Elasticsearch像是資料庫一樣,能把收集到的log儲存和查詢。

brew install elastic/tap/elasticsearch-full

==> Caveats
Data:    /usr/local/var/lib/elasticsearch/elasticsearch_huang/
Logs:    /usr/local/var/log/elasticsearch/elasticsearch_huang.log
Plugins: /usr/local/var/elasticsearch/plugins/
Config:  /usr/local/etc/elasticsearch/

To have launchd start elastic/tap/elasticsearch-full now and restart at login:
  brew services start elastic/tap/elasticsearch-full
Or, if you don't want/need a background service you can just run:
  elasticsearch

安裝完成後,執行指令啟動elasticsearch

brew services start elastic/tap/elasticsearch-full

查看服務狀態,確認是否正常執行

tail -f /usr/local/var/log/elasticsearch/elasticsearch_huang.log

用瀏覽器檢查訊息 http://localhost:9200/?pretty

{
  "name" : "CY-HUANG",
  "cluster_name" : "elasticsearch_huang",
  "cluster_uuid" : "05loK4i4TVmTdRBUHEpi5g",
  "version" : {
    "number" : "7.14.1",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "66b55ebfa59c92c15db3f69a335d500018b3331e",
    "build_date" : "2021-08-26T09:01:05.390870785Z",
    "build_snapshot" : false,
    "lucene_version" : "8.9.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

Install kibana

Kibana可以用來查詢Elasticsearch中的資料,並且對資料進行圖形化。

brew install elastic/tap/kibana-full

==> Caveats
Config: /usr/local/etc/kibana/
If you wish to preserve your plugins upon upgrade, make a copy of
/usr/local/opt/kibana-full/plugins before upgrading, and copy it into the
new keg location after upgrading.

To have launchd start elastic/tap/kibana-full now and restart at login:
  brew services start elastic/tap/kibana-full
Or, if you don't want/need a background service you can just run:
  kibanaa

設定/usr/local/etc/kibana/kibana.yml

server.port: 5601
server.host: "0.0.0.0"

安裝完成後,執行指令啟動kibana

brew services start elastic/tap/kibana-full

檢查kibana http://localhost:5601/

Install logstash

Logstash 主要工作是把收集的資料進行過濾和特定處理,將處理後的資料儲存到Elasticsearch。

brew install elastic/tap/logstash-full

==> Caveats
Please read the getting started guide located at:
  https://www.elastic.co/guide/en/logstash/current/getting-started-with-logstash.html

To have launchd start elastic/tap/logstash-full now and restart at login:
  brew services start elastic/tap/logstash-full
Or, if you don't want/need a background service you can just run:
  logstash

安裝完成後,執行指令啟動logstash

brew services start elastic/tap/logstash-full

Reference


上一篇
Day01 前言
下一篇
Day03 Filebeat(一) 基本設定
系列文
Elastic Stack(ELK)數據圖表化與異常監控30
圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言