JAVA環境:安裝jdk並配置環境變量
官方提示需求java8:
Logstash requires Java 8. Java 9 is not supported.
win7安裝&配置java8教程:
https://jingyan.baidu.com/article/6b97984dec3bbe1ca3b0bf6a.html
打開cmd輸入'java -version'測試
顯示類似如下信息表示配置java環境成功:
java version "1.8.0_191"
Java(TM) SE Runtime Environment (build 1.8.0_191-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.191-b12, mixed mode)
1.下載:官網選擇zip安裝包下載
選擇zip包下載
進:https://www.elastic.co/cn/downloads/logstash
或:https://www.elastic.co/downloads/logstash
2.安裝:解壓logstash-5.6.1.zip到想要目錄
不要選擇有空格的目錄比如C:\Program Files\下,
測試時會報錯"找不到或無法加載主類"
提供該報錯解決:
https://blog.csdn.net/awj3584/article/details/79715907
3.測試啓動:使用控制檯輸入並輸出方式啓動
進入安裝目錄下logstash-5.6.1\bin
shift+鼠標右鍵選擇在'此處打開命令窗口'輸入:
logstash -e 'input { stdin { } } output { stdout {} }'
信息報出:'Successfully started Logstash API endpoint {:port=>9600}'
表示啓動成功,說明安裝成功。
若報錯:"ERROR: Unknown command '{'"
應該是win字符集的問題,修改單引號爲雙引號嘗試
logstash -e "input { stdin { } } output { stdout {} }"
4.測試運行:啓動之後控制檯輸入任意字符測試:'xxx'
顯示如下信息表示成功運行
{
"@timestamp" => 2018-11-18T08:16:09.963Z,
"message" => "xxx\r",
"host" => "PC-xxxxx",
"@version" => "1"
}
5.退出:ctrl+c
終止批處理操作嗎?(Y/N)選擇Y
6.輸出Elasticsearch測試:
win7系統64位Elasticsearch安裝圖文教程:
啓動命令:
logstash -e "input { stdin { } } output { elasticsearch { hosts => localhost } }"
啓動後控制檯輸入任意字符:'mytest1'
瀏覽器訪問搜索api查看數據
http://localhost:9200/_search?pretty # _search表示查看全部;pretty表示格式化顯示
顯示類似如下表示成功:
{
_index: "logstash-2018.11.18",
_type: "doc",
_id: "BV8uJmcBqoUH4vydQOoA",
_score: 1,
_source: {
message: "mytest1 ",
host: "PC-xxxxx",
@timestamp: "2018-11-18T09:37:03.255Z",
@version: "1"
}
},