elk+redis

对常见的elk工具进行总结

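# Pre-flight checks. Elasticsearch and Logstash both run on the JVM, so confirm
# a Java runtime is present before installing anything.
cat /etc/issue   # show the distribution name and release
java -version    # print the Java runtime version found on PATH

# NOTE(review): the 2.x / 2.3 / 4.5 release lines pinned below are old; check
# whether they still receive security fixes before using this outside a lab.

# Import the Elastic package-signing key so apt can verify the packages below.
# NOTE(review): the key is downloaded and trusted in a single step. Compare its
# fingerprint (`apt-key finger`) with the one Elastic publishes before relying
# on it; `apt-key add` also trusts the key for every configured repository.
wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

# --- Elasticsearch 2.x ---
# NOTE(review): `tee -a` appends, so re-running this script duplicates the
# repository entries.
echo "deb https://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
sudo apt-get update
sudo apt-get install elasticsearch -y
# Elasticsearch 2.x has no built-in authentication: leave network.host on its
# loopback default unless access is restricted some other way.
sudo service elasticsearch start

# --- Logstash 2.3 ---
echo "deb https://packages.elastic.co/logstash/2.3/debian stable main" | sudo tee -a /etc/apt/sources.list
# Refresh the package index so the repository added on the previous line is
# visible; without this the install cannot find the package.
sudo apt-get update
sudo apt-get install logstash -y
sudo service logstash start

# --- Kibana 4.5 ---
# Use https like the other two repositories (same host), so the package index
# is not fetched over cleartext.
echo "deb https://packages.elastic.co/kibana/4.5/debian stable main" | sudo tee -a /etc/apt/sources.list
sudo apt-get update
sudo apt-get install kibana -y
# NOTE(review): Kibana 4.x has no login of its own and, by default, listens on
# all interfaces (server.host in kibana.yml - confirm). Bind it to localhost or
# place it behind an authenticating reverse proxy before exposing this host.
sudo service kibana start

# NOTE(review): nginx is not installed by this script; this assumes it is
# already present on the machine - TODO confirm.
sudo service nginx start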

# nginx 的配置文件位于 /etc/nginx/sites-available/default

# 添加 access_log /home/shiyanlou/Code/elk/access.log;

接下来是具体的配置文件

# /etc/logstash/conf.d/logstash-shipper.conf

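# Event sources for the shipper pipeline.
input {
  # Lets events be typed in by hand when Logstash runs in a terminal.
  stdin {}

  # Follow the nginx access log.
  file {
    # The file input needs an absolute path and does not expand "~". This is
    # the location given in the nginx access_log directive described above.
    # NOTE(review): the account Logstash runs as must be able to read this file
    # and traverse its parent directories - confirm the permissions.
    path => "/home/shiyanlou/Code/elk/access.log"

    # Read a file from its first line the first time it is seen; afterwards
    # Logstash resumes from the offset it recorded.
    start_position => "beginning"

    # Any line that does NOT start with a digit is appended to the previous
    # event.
    # NOTE(review): this presumes every log entry begins with a digit (an IPv4
    # client address). An entry beginning with anything else, e.g. an IPv6
    # address such as ::1, would be merged into the entry before it - verify
    # against the nginx log_format in use.
    codec => multiline {
      pattern => '^\d'
      negate => true
      what => "previous"
    }
  }
}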
# Event destinations: every event is sent to both outputs below.
output {
  # Pretty-print each event to Logstash's standard output for inspection.
  # NOTE(review): when run as a service this presumably copies every log line
  # into Logstash's own output log - confirm before leaving it enabled.
  stdout {
    codec => rubydebug
  }

  # Index into the local Elasticsearch node, one index per day
  # (logstash-YYYY.MM.dd). No credentials or TLS are configured here, so this
  # relies on Elasticsearch being reachable only from this host.
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "logstash-%{+YYYY.MM.dd}"
  }
}