logstash和kibana安裝

es已在上篇文章安裝過
http://blog.csdn.net/feifeichongtian/article/details/79088274
本章我們來學習安裝logstash和kibana。
1:logstash安裝
1，下載
[plain] view plain copy
wget https://artifacts.elastic.co/downloads/logstash/logstash-6.1.0.tar.g

2.解壓
[plain] view plain copy
tar -zxvf logstash-5.6.0.tar.g
3.修改配置文件
[plain] view plain copy
[master@node0 soft]$ vi logstash-6.1.0/config/logstash.conf
[plain] view plain copy
input{stdin {} file { path => "/home/master/soft/test.log" start_position => "beginning" }}
output { elasticsearch { hosts => ["node0:9200"] }}
4.啟動
[plain] view plain copy
[master@node0 logstash-6.1.0]$ ./bin/logstash -f config/logstash.conf
[plain] view plain copy
Sending Logstash's logs to /home/master/soft/logstash-6.1.0/logs which is now configured via log4j2.properties
[2018-01-14T20:14:26,639][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"netflow", :directory=>"/home/master/soft/logstash-6.1.0/modules/netflow/configuration"}
[2018-01-14T20:14:26,689][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"fb_apache", :directory=>"/home/master/soft/logstash-6.1.0/modules/fb_apache/configuration"}
[2018-01-14T20:14:27,836][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-01-14T20:14:29,376][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.1.0"}
[2018-01-14T20:14:30,369][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2018-01-14T20:14:36,827][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://node0:9200/]}}
[2018-01-14T20:14:36,859][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://node0:9200/, :path=>"/"}
[2018-01-14T20:14:37,434][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://node0:9200/"}
[2018-01-14T20:14:37,606][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>nil}
[2018-01-14T20:14:37,614][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the type event field won't be used to determine the document _type {:es_version=>6}
[2018-01-14T20:14:37,664][INFO ][logstash.outputs.elasticsearch] Using mapping template from {:path=>nil}
[2018-01-14T20:14:37,714][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"template"=>"logstash-", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s"}, "mappings"=>{"default"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}}
[2018-01-14T20:14:37,826][INFO ][logstash.outputs.elasticsearch] Installing elasticsearch template to _template/logstash
[2018-01-14T20:14:38,264][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//node0:9200"]}
[2018-01-14T20:14:38,362][INFO ][logstash.pipeline ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>125, :thread=>"#<Thread:0x7df41267 run>"}
[2018-01-14T20:14:39,432][INFO ][logstash.pipeline ] Pipeline started {"pipeline.id"=>"main"}
The stdin plugin is now waiting for input:
[2018-01-14T20:14:39,815][INFO ][logstash.agent ] Pipelines running {:count=>1, :pipelines=>["main"]}

啟動成功！
2:kibana安裝
1.下載
[plain] view plain copy
wget wget https://download.elastic.co/kibana/kibana/kibana-6.1.1-linux-x86_64.tar.gz
tar -xzvf kibana-6.1.1-linux-x86_64.tar.gz
2.配置文件
[plain] view plain copy
[master@node0 kibana-6.1.1-linux-x86_64]$ vi config/kibana.yml

#elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or Elasticsearch. This value

must be a positive integer.

#elasticsearch.requestTimeout: 30000

List of Kibana client-side headers to send to Elasticsearch. To send no client-side

headers, set this value to [] (an empty list).

#elasticsearch.requestHeadersWhitelist: [ authorization ]

Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten

by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.

#elasticsearch.customHeaders: {}

Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.

#elasticsearch.shardTimeout: 0

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.

#elasticsearch.startupTimeout: 5000

Specifies the path where Kibana creates the process ID file.

#pid.file: /var/run/kibana.pid

Enables you specify a file where Kibana stores log output.

#logging.dest: stdout

Set the value of this setting to true to suppress all logging output.

#logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

#logging.quiet: false

Set the value of this setting to true to log all events, including system usage information

and all requests.

#logging.verbose: false

Set the interval in milliseconds to sample system and process performance

metrics. Minimum is 100ms. Defaults to 5000.

#ops.interval: 5000

The default locale. This locale can be used in certain circumstances to substitute any missing

translations.

#i18n.defaultLocale: "en"
server.port: 5601
server.host: "node0"
elasticsearch.url: http://node0:9200
kibana.index: ".kibana"
3.啟動
[plain] view plain copy
[master@node0 kibana-6.1.1-linux-x86_64]$ bin/kibana &
[master@node0 kibana-6.1.1-linux-x86_64]$ log [11:54:38.662] [info][status][plugin:kibana@6.1.1] Status changed from uninitialized to green - Ready
log [11:54:38.759] [info][status][plugin:elasticsearch@6.1.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [11:54:38.793] [info][status][plugin:console@6.1.1] Status changed from uninitialized to green - Ready
log [11:54:38.824] [info][status][plugin:metrics@6.1.1] Status changed from uninitialized to green - Ready
log [11:54:39.533] [info][status][plugin:timelion@6.1.1] Status changed from uninitialized to green - Ready
log [11:54:39.542] [fatal] Port 5601 is already in use. Another instance of Kibana may be running!
FATAL Port 5601 is already in use. Another instance of Kibana may be running!
4.看效果

圖片
這是我的es因為只有一個節點，所以有undifind

圖片在這里

elk的搭建完成了