Logstash是一个开源的日志管理工具。项目地址:http://logstash.net/Logstash安装使用以下组件: Logstash Elasticsearch Redis Nginx Kibana 服务端: fqdn: dev.kanbier.lan (should be resolvable!) ip: 10.37.129.8 安装所需的软件 作者更喜欢使用RPM包
Logstash是一个开源的日志管理工具。 项目地址:http://logstash.net/ Logstash安装使用以下组件:- Logstash
- Elasticsearch
- Redis
- Nginx
- Kibana
- fqdn: dev.kanbier.lan (should be resolvable!)
- ip: 10.37.129.8
安装所需的软件
作者更喜欢使用RPM包来安装软件,要注意版本号,不要去追求时髦用最新的最伟大的,Elasticsearch的版本应该匹配Logstash的版本。$ vi /etc/yum.repos.d/logstash.repo [logstash-1.4] name=logstash repository for 1.4.x packages baseurl=http://packages.elasticsearch.org/logstash/1.4/centos gpgcheck=1 gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch enabled=1 $ vi /etc/yum.repos.d/elasticsearch.repo [elasticsearch-1.0] name=Elasticsearch repository for 1.0.x packages baseurl=http://packages.elasticsearch.org/elasticsearch/1.0/centos gpgcheck=1 gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch enabled=1 $ vi /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1 $ rpm -Uvh http://mirror.1000mbps.com/fedora-epel/6/i386/epel-release-6-8.noarch.rpm $ yum -y install elasticsearch redis nginx logstash
启用Kibana
$ wget https://download.elasticsearch.org/kibana/kibana/kibana-3.0.0.tar.gz $ tar -xvzf kibana-3.0.0.tar.gz $ mv kibana-3.0.0 /usr/share/kibana3我们需要告诉Kibana在哪里可以找到elasticsearch。打开配置文件并修改elasticsearch参数:
$ vi /usr/share/kibana3/config.js搜索“elasticsearch”参数,并对其进行修改以适应您的环境:
elasticsearch: "http://dev.kanbier.lan:9200",您还可以修改default_route参数,默认打开logstash仪表板而不是Kibana欢迎页面:
default_route : '/dashboard/file/logstash.json',通过web界面访问:
$ wget https://raw.github.com/elasticsearch/kibana/master/sample/nginx.conf $ mv nginx.conf /etc/nginx/conf.d/ $ vi /etc/nginx/conf.d/nginx.conf server_name dev.kanbier.lan;
配置redis
$ vi /etc/redis.conf bind 10.37.129.8
配置Logstash?
可以使用Logstash文档上的logstash-complex.conf文件,并不是很负责,包含:- 从 /var/log目录读取文件
- 打开5544端口以启用直接接收远程系统日志消息
- 告诉logstash,利用本身的elasticsearch而不是嵌入的
$ vi /etc/logstash/conf.d/logstash-complex.conf
input {
file {
type => "syslog"
# Wildcards work, here
path => [ "/var/log/*.log", "/var/log/messages", "/var/log/syslog" ]
sincedb_path => "/opt/logstash/sincedb-access"
}
redis {
host => "10.37.129.8"
type => "redis-input"
data_type => "list"
key => "logstash"
}
syslog {
type => "syslog"
port => "5544"
}
}
filter {
grok {
type => "syslog"
match => [ "message", "%{SYSLOGBASE2}" ]
add_tag => [ "syslog", "grokked" ]
}
}
output {
elasticsearch { host => "dev.kanbier.lan" }
}
启动服务
$ service redis start; chkconfig redis on $ service elasticsearch start; chkconfig --add elasticsearch; chkconfig elasticsearch on $ service logstash start; chkconfig logstash on $ service nginx start; chkconfig nginx on对于rsyslog现在你可以将这些行添加到/ etc/ rsyslog.conf
# ### begin forwarding rule ### # The statement between the begin ... end define a SINGLE forwarding # rule. They belong together, do NOT split them. If you create multiple # forwarding rules, duplicate the whole block! # Remote Logging (we use TCP for reliable delivery) # # An on-disk queue is created for this action. If the remote host is # down, messages are spooled to disk and sent when it is up again. $WorkDirectory /var/lib/rsyslog # where to place spool files $ActionQueueFileName fwdRule1 # unique name prefix for spool files $ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) $ActionQueueSaveOnShutdown on # save messages to disk on shutdown $ActionQueueType LinkedList # run asynchronously $ActionResumeRetryCount -1 # infinite retries if host is down # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional *.* @@10.37.129.8:5544 # ### end of the forwarding rule ###
如果有防火墙需要放开这些端口:
- port 80 (for the web interface)
- port 5544 (to receive remote syslog messages)
- port 6379 (for the redis broker)
- port 9200 (so the web interface can access elasticsearch)
译自:http://www.denniskanbier.nl/blog/logging/installing-logstash-on-rhel-and-centos-6/
原文地址:Logstash 日志管理工具, 感谢原作者分享。
When should you use a composite index versus multiple single-column indexes?Apr 11, 2025 am 12:06 AMIn database optimization, indexing strategies should be selected according to query requirements: 1. When the query involves multiple columns and the order of conditions is fixed, use composite indexes; 2. When the query involves multiple columns but the order of conditions is not fixed, use multiple single-column indexes. Composite indexes are suitable for optimizing multi-column queries, while single-column indexes are suitable for single-column queries.
How to identify and optimize slow queries in MySQL? (slow query log, performance_schema)Apr 10, 2025 am 09:36 AMTo optimize MySQL slow query, slowquerylog and performance_schema need to be used: 1. Enable slowquerylog and set thresholds to record slow query; 2. Use performance_schema to analyze query execution details, find out performance bottlenecks and optimize.
MySQL and SQL: Essential Skills for DevelopersApr 10, 2025 am 09:30 AMMySQL and SQL are essential skills for developers. 1.MySQL is an open source relational database management system, and SQL is the standard language used to manage and operate databases. 2.MySQL supports multiple storage engines through efficient data storage and retrieval functions, and SQL completes complex data operations through simple statements. 3. Examples of usage include basic queries and advanced queries, such as filtering and sorting by condition. 4. Common errors include syntax errors and performance issues, which can be optimized by checking SQL statements and using EXPLAIN commands. 5. Performance optimization techniques include using indexes, avoiding full table scanning, optimizing JOIN operations and improving code readability.
Describe MySQL asynchronous master-slave replication process.Apr 10, 2025 am 09:30 AMMySQL asynchronous master-slave replication enables data synchronization through binlog, improving read performance and high availability. 1) The master server record changes to binlog; 2) The slave server reads binlog through I/O threads; 3) The server SQL thread applies binlog to synchronize data.
MySQL: Simple Concepts for Easy LearningApr 10, 2025 am 09:29 AMMySQL is an open source relational database management system. 1) Create database and tables: Use the CREATEDATABASE and CREATETABLE commands. 2) Basic operations: INSERT, UPDATE, DELETE and SELECT. 3) Advanced operations: JOIN, subquery and transaction processing. 4) Debugging skills: Check syntax, data type and permissions. 5) Optimization suggestions: Use indexes, avoid SELECT* and use transactions.
MySQL: A User-Friendly Introduction to DatabasesApr 10, 2025 am 09:27 AMThe installation and basic operations of MySQL include: 1. Download and install MySQL, set the root user password; 2. Use SQL commands to create databases and tables, such as CREATEDATABASE and CREATETABLE; 3. Execute CRUD operations, use INSERT, SELECT, UPDATE, DELETE commands; 4. Create indexes and stored procedures to optimize performance and implement complex logic. With these steps, you can build and manage MySQL databases from scratch.
How does the InnoDB Buffer Pool work and why is it crucial for performance?Apr 09, 2025 am 12:12 AMInnoDBBufferPool improves the performance of MySQL databases by loading data and index pages into memory. 1) The data page is loaded into the BufferPool to reduce disk I/O. 2) Dirty pages are marked and refreshed to disk regularly. 3) LRU algorithm management data page elimination. 4) The read-out mechanism loads the possible data pages in advance.
MySQL: The Ease of Data Management for BeginnersApr 09, 2025 am 12:07 AMMySQL is suitable for beginners because it is simple to install, powerful and easy to manage data. 1. Simple installation and configuration, suitable for a variety of operating systems. 2. Support basic operations such as creating databases and tables, inserting, querying, updating and deleting data. 3. Provide advanced functions such as JOIN operations and subqueries. 4. Performance can be improved through indexing, query optimization and table partitioning. 5. Support backup, recovery and security measures to ensure data security and consistency.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
Zend Studio 13.0.1
Powerful PHP integrated development environment
SublimeText3 Chinese version
Chinese version, very easy to use
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
