Blog 2014-12-16

1. Host allocation:

192.168.100.11  redis elasticsearch  logstash(server)

192.168.100.12  logstash(agent)

2. Download:

wget "https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz"
wget "https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.1.1.tar.gz"

Note: logstash-1.4.2 and elasticsearch-1.1.1 are matching versions.

3. Configure the 192.168.100.11 (central) host:

sudo apt-get install redis-server

/etc/init.d/redis-server start  


tar xzf elasticsearch-1.1.1.tar.gz

cd elasticsearch-1.1.1

./bin/elasticsearch & 


tar xzf logstash-1.4.2.tar.gz

cd logstash-1.4.2

./bin/logstash -f server.conf   

cat server.conf
input {
  redis {
    host => "192.168.100.11"
    type => "redis-input"
    data_type => "list"
    key => "logstash"
  }
}
output {
  stdout { }
  elasticsearch {
    cluster => "elasticsearch"
  }
}


4. Configure the 192.168.100.12 (agent) host:

tar xzf logstash-1.4.2.tar.gz

cd logstash-1.4.2

./bin/logstash -f shipper.conf

cat shipper.conf
input {
  file {
    type => "syslog"
    path => ["/var/log/secure", "/var/log/messages"]
  }
}
output {
  stdout { }
  redis {
    host => "192.168.100.11"
    data_type => "list"
    key => "logstash"
  }
}

ssh 192.168.100.12


Log output will then appear (the SSH login generates new log entries on the agent).

Note: the key must be the same in both conf files.
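A way to check that requirement before starting either side, as an added example that is not part of the original post: it extracts the redis block from the shipper's output and the server's input and reports settings that differ. It goes beyond the note by also comparing data_type, since a list producer and a channel consumer never meet; the function names are hypothetical and the two configs are condensed copies of the ones on this page.

```python
import re

# The page's two configs, condensed onto fewer lines and embedded so this runs offline.
SERVER_CONF = '''
input { redis { host => "192.168.100.11" type => "redis-input"
                data_type => "list" key => "logstash" } }
output { stdout { } elasticsearch { cluster => "elasticsearch" } }
'''
SHIPPER_CONF = '''
input { file { type => "syslog" path => ["/var/log/secure", "/var/log/messages"] } }
output { stdout { } redis { host => "192.168.100.11" data_type => "list" key => "logstash" } }
'''

def block_body(text, name):
    """Return the text inside `name { ... }` (nested braces matched), or None if absent.
    Simplification: braces inside quoted strings are not handled."""
    m = re.search(r'\b%s\s*\{' % re.escape(name), text)
    if not m:
        return None
    depth = 1
    for i in range(m.end(), len(text)):
        if text[i] == '{':
            depth += 1
        elif text[i] == '}':
            depth -= 1
            if depth == 0:
                return text[m.end():i]
    raise ValueError("unbalanced braces in %r block" % name)

def redis_settings(conf, section):
    """Quoted settings of the redis plugin in the given section ('input' or 'output')."""
    body = block_body(block_body(conf, section) or "", "redis")
    if body is None:
        return None
    return dict(re.findall(r'(\w+)\s*=>\s*"([^"]*)"', body))

def broker_mismatches(shipper_conf, server_conf):
    """Settings that differ between the shipper's redis output and the server's redis input."""
    out = redis_settings(shipper_conf, "output")
    inp = redis_settings(server_conf, "input")
    if out is None or inp is None:
        return ["redis block missing"]
    return [k for k in ("data_type", "key") if out.get(k) != inp.get(k)]

if __name__ == "__main__":
    print(broker_mismatches(SHIPPER_CONF, SERVER_CONF) or "shipper and server agree")
```

An empty result means the shipper pushes to the same Redis list the server reads from; a non-empty result names the setting to fix.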

5. View the results and graphs:

Results:  http://192.168.100.11:9200/_search?q=type:syslog&pretty=true

Graphs: on 192.168.100.11, run:

./bin/logstash web & 


http://192.168.100.11:9292