參考
https://help.aliyun.com/document_detail/74927.html?spm=a2c4g.11186623.6.639.47e8266aHAxbMV
安裝nginx 和 配置nginx
user www www;
worker_processes 8; #設置值和CPU核心數一致
error_log /usr/local/webserver/nginx/logs/nginx_error.log crit; #日誌位置和日誌級別
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
#下面是server虛擬主機的配置
server
{
listen 80;#監聽端口
server_name 127.0.0.1;#域名
index index.html index.htm index.php;
root /usr/local/webserver/nginx/html;#站點目錄
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico)$
{
expires 30d;
# access_log off;
}
location / {
allow 192.168.0.0/16;
allow 172.18.0.0/16;
deny all;
proxy_pass <釘釘機器人地址>;
}
location ~ .*\.(js|css)?$
{
expires 15d;
# access_log off;
}
access_log off;
}
}
## 備註 ###
nginx 只准內網訪問 (添加安全組或以下方法)
#配置清單
location / {
# block one workstation 禁止單個ip
deny 192.168.0.1;
# allow anyone in 192.168.1.0/24
allow 192.168.0.0/16;
# drop rest of the world
deny all;
}
kibana 配置報警文檔
在左側菜單欄,單擊Dev Tools(開發工具)。
在Console中執行如下命令創建一個報警文檔。
以下示例以創建s1爲例,每隔1800s查詢logs索引中是否出現error日誌,如果出現5次以上則觸發報警。
PUT _xpack/watcher/watch/s1
{
"trigger": {
"schedule": {
"interval": "1800s"
}
},
"input": {
"search": {
"request": {
"indices": ["s1-*"],
"body": {
"query": {
"match": {
"message": "error"
}
}
}
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gt": 5
}
}
},
"actions" : {
"test_issue" : {
"webhook" : {
"method" : "POST",
"url" : "http://192.168.0.5:80",
"body" : "{\"msgtype\": \"text\", \"text\": { \"content\": \"s1 error 日誌出現了(30分鐘內大於5次),請儘快處理\"}}"
}
}
}
}
刪除
DELETE _xpack/watcher/watch/s1
查詢
GET _xpack/watcher/watch/s1