Elastci Stack分析日誌的利器,其中最重要的組件有ElasticSearch, Kibana, Logstash, Filebeat,本文記錄快速搭建步驟,以及收集nginx的日誌
安裝ElasticSearch
https://www.elastic.co/cn/downloads/elasticsearch
ps: 推薦下載安裝版本,因爲可以方便作爲服務啓動
# 下載
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.1-x86_64.rpm
# 安裝
sudo rpm -i elasticsearch-7.14.1-x86_64.rpm
# 啓動
sudo systemctl start elasticsearch.service
# 日誌目錄
cd /var/log/elasticsearch/
安裝Kibana
https://www.elastic.co/cn/downloads/kibana
# 下載
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.14.1-x86_64.rpm
# 安裝
sudo rpm -i kibana-7.14.1-x86_64.rpm
# 啓動
sudo systemctl start kibana.service
# 日誌目錄
cd /var/log/kibana
ps: 其實跟elastic search是一模一樣的
安裝FileBeat
https://www.elastic.co/cn/downloads/beats/filebeat
相同方法就不囉嗦了