docker搭建ELK日誌採集系統（三）

docker搭建ELK日誌採集系統（三）

參考：https://zhuanlan.zhihu.com/p/107346014?from_voters_page=true

環境：

服務器	系統	IP	掩碼
elk	centos 7	10.99.101.232	255.255.255.0

三、docker安裝logstash

docker pull logstash:7.6.0
mkdir /home/elk/logstashconfig
vi /home/elk/logstashconfig/logstash.conf
input {
    tcp {
        port => 5044
        codec => "plain"
    }
}
filter{
}
output {
    # 這個是logstash的控制檯打印（進行安裝調試的開啓，稍後成功後去掉這個配置即可）
    stdout {
        codec => rubydebug
    }
    # elasticsearch配置
    elasticsearch {
        hosts => ["10.99.101.232:9200"]
    }
}

docker run -di -p 5044:5044 -v /home/elk/logstashconfig/logstash.conf:/usr/share/logstash/pipeline/logstash.conf --name logstash --privileged=true logstash:7.6.0


docker container ls -a

CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS                                            NAMES
8dac3cd3be1e        logstash:7.6.0        "/usr/local/bin/do..."   11 seconds ago      Up 11 seconds       0.0.0.0:5044->5044/tcp, 9600/tcp                 logstash
4cb4808e9edb        kibana:7.6.0          "/usr/local/bin/du..."   2 hours ago         Up 2 hours          0.0.0.0:5601->5601/tcp                           kibana
9073ef7cb7d3        elasticsearch:7.6.0   "/usr/local/bin/do..."   4 hours ago         Up 2 hours          0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp   elasticsearch

docker update --restart=always 8dac3cd3be1e

firewall-cmd --add-port=5044/tcp --permanent
firewall-cmd --add-port=9600/tcp --permanent
firewall-cmd --reload