ELK Stack latest version test second configuration_PHP tutorial

ELK Stack latest version test second configuration

Please browse before reading this article
The detailed configuration is as follows:
http://blog.chinaunix.net/uid-25057421-id -5567766.html
One, client
1, nginx log format
log_format logstash_json '{ "@timestamp": "$time_iso8601", '
'"host": "$server_addr", '
'"clientip": "$remote_addr", '
'"size": $body_bytes_sent, '
'"responsetime": $request_time, '
'"upstreamtime": "$upstream_response_time ", '
'"upstreamhost": "$upstream_addr", '
'"http_host": "$host", '
'"url": "$uri", '
'" referrer": "$http_referer", '
'"xff": "$http_x_forwarded_for", '
'"agent": "$http_user_agent", '
'"status": "$status"} ';
access_log /data/wwwlogs/access_jerrymin.test.com.log logstash_json;
2, fieldbeat configuration file
filebeat:
prospectors:
-
- /data/wwwlogs /access_jerrymin.test.com.log


doucmenttype:jerrymin.test.com
output:
logstash:
enabled: true
hosts: ["192.168.0.58 :5044"]
shipper:
3, topbeat configuration file
input:
# In seconds, defines how often to read server statistics
period: 10


# Regular expression to match the processes that are monitored
# By default, all the processes are monitored
procs: [".*"]


# Statistics to collect (all enabled by default)
stats:
system: true
proc: true
filesystem: true
output:


### Elasticsearch as output
elasticsearch :
hosts: ["192.168.0.58:9200"]
shipper:
logging:
files:
rotateeverybytes: 10485760 # = 10MB
Second, server configuration
1. Logstash configuration file
[root@localhost logstash]# cat /etc/logstash/conf.d/nginxconf.json
input {
beats {
port => 5044
codec = > json
}
}


filter {
mutate {
split => [ "upstreamtime", "," ]
}
mutate {
convert => [ "upstreamtime", "float" ]
}
}


output {
elasticsearch {
hosts => "192.168.0.58: 9200"
sniffing => true
manage_template => false
# index => "%{[@metadata][beat]}-%{ YYYY.MM.dd}"
index => "filebeat-%{type}-%{ YYYY.MM.dd}"
document_type => "%{[@metadata][type]}"
}
}
2, elasticsearch configuration File
[root@localhost logstash]# cat /etc/elasticsearch/elasticsearch.yml |grep -Ev "^#|^$"
path.data: /data
path.logs: /data/ elklogs
network.host: 192.168.0.58
http.port: 9200
3, kibana configuration file
[root@localhost config]# cat /var/kibana/config/kibana.yml
# Kibana is served by a back end server. This controls which port to use.
server.port: 5601


# The host to bind the server to.
server.host : "0.0.0.0"


# The Elasticsearch instance to use for all your queries.
elasticsearch.url: "http://192.168.0.58:9200"
Three, Tengine Reverse proxy configuration
cat /usr/local/nginx/conf/vhosts_all/kibana.conf
server
{
listen 8888;
server_name 192.168.0.58
index index.html index.shtml;

location / {
proxy_pass http://localhost:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
auth_basic "Please input Username and Password";
auth_basic_user_file /usr/local/nginx/conf/.pass_file;
}


access_log /data/wwwlogs/access.kibana.log access;
}
Four. Log in to the platform
http://192.168.0.58:8888
1, create index


2. Create a view


3. Create a panel

http://www.bkjia.com/PHPjc/1081463.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/1081463.htmlTechArticleELK Stack latest version test second configuration article before reading this article, please browse the detailed configuration as follows: http://blog.chinaunix .net/uid-25057421-id-5567766.html 1. Client 1, nginx log format...