Ubuntu服务器安装Logstash --- 学习与部署ELK系统(二)

一、直接查看官网相关安装信息

点击进去

  • 先安装相关的秘钥
APT
Download and install the Public Signing Key:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
You may need to install the apt-transport-https package on Debian before proceeding:

sudo apt-get install apt-transport-https
Save the repository definition to  /etc/apt/sources.list.d/elastic-7.x.list:

echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

安装命令

sudo apt-get update && sudo apt-get install logstash

这时候会报错内存不足,这个跟elasticsearch安装的时候遇到的错误类似,都是需要去到配置文件修改/etc/logstash/jvm.options,将原本的启动内存和最大内存修改为,内存根据自己的实际分配,再次运行上方命令即可

-Xms256m
-Xmx256m

到这步是可以了,现在配置简单的演示

vi /etc/logstash/conf.d/elk.conf
#添加以下配置
 input {
        file {
            path => "/var/log/syslog"
            type => "system"
            start_position => "beginning"
            }
    }
    output {    
             elasticsearch {
                    hosts => ["hosts:9200"]
                    index => "system-%{+YYYY.MM.dd}"
                }
    }
说明:input输入,日志来源,类型;output输出,hosts,指定es
启动:logstash -f /etc/logstash/conf.d/elk.conf       (可以建个软连接
ln -s /usr/share/logstash/bin/logstash /bin/)

然后访问es就可以看到效果了,上次安装忘了装elasticsearch-head插件,将重新更新那篇文章,补充这部分内容

PS:

1、欢迎访问我的个人站点:小白求学进阶

2、欢迎访问我的CSDN博客:小白求学进阶

3、微信公众号:

# ELK  Logstash 

评论

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×