1. 下载filebeat
ELK 体系里面 beats是log收集的模块,相当于garafana监控系统里面的各种agent,beats里面分为多种beat, 分为filebeat,
Packetbeat 和Metricbeat。 这次我们只是log分析,安装filebeat就可以了
tar -zxvf filebeat-6.5.4-linux-x86_64.tar.gz
2. 修改filebeat.yml 文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
1. #vi filebeat.yml
2. filebeat.inputs:
3.
4. # Each - is an input. Most options can be set at the input level, so
5. # you can use different inputs for various configurations.
6. # Below are the input specific configurations.
7.
8. - type: log
9. enabled: true
10. paths:
11. - /usr/local/a2p/log/*.log
12. encoding: utf-8
13. document_type: sms_system_log
14. multiline.pattern: ^20
15. multiline.negate: true
16. multiline.match: after
17.
18. - type: log
19. enabled: true
20. paths:
21. - /usr/local/a2p/log/*.cdr.*
22. encoding: utf-8
23. document_type: sms_cdr
24. multiline.pattern: ^20
25. multiline.negate: true
26. multiline.match: after
27.
28. name: "HK_SMS_184"
29.
30. #output.elasticsearch: #必须注释了
31. # Array of hosts to connect to.
32. # hosts: ["localhost:9200"] # 必须注释了
33.
34. output.logstash:
35. # The Logstash hosts
36. hosts: ["172.31.216.34:5044"]
|
3. 启动filebeat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
1. # more start.sh
2. #!/usr/bin/bash
3.
4. basepath=$(cd `dirname $0`; pwd)
5. nohup ./filebeat -c filebeat.yml -path.logs $basepath/logs &
|
到此为止,整个日志系统的监控平台安装完毕,后期将会慢慢研究怎么用的更好。
