版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/powerccna/article/details/86561555
1. 下载filebeat
ELK 体系里面 beats是log收集的模块,相当于garafana监控系统里面的各种agent,beats里面分为多种beat, 分为filebeat,
Packetbeat 和Metricbeat。 这次我们只是log分析,安装filebeat就可以了
# wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.5.4-linux-x86_64.tar.gz
# tar -zxvf filebeat-6.5.4-linux-x86_64.tar.gz
2. 修改filebeat.yml 文件
#vi filebeat.yml
filebeat.inputs:
# Each - is an input. Most options can be set at the input level, so
# you can use different inputs for various configurations.
# Below are the input specific configurations.
- type: log
enabled: true
paths:
- /usr/local/a2p/log/*.log
encoding: utf-8
document_type: sms_system_log
multiline.pattern: ^20
multiline.negate: true
multiline.match: after
- type: log
enabled: true
paths:
- /usr/local/a2p/log/*.cdr.*
encoding: utf-8
document_type: sms_cdr
multiline.pattern: ^20
multiline.negate: true
multiline.match: after
name: "HK_SMS_184"
#output.elasticsearch: #必须注释了
# Array of hosts to connect to.
# hosts: ["localhost:9200"] # 必须注释了
output.logstash:
# The Logstash hosts
hosts: ["172.31.216.34:5044"]3. 启动filebeat
# more start.sh
#!/usr/bin/bash
basepath=$(cd `dirname $0`; pwd)
nohup ./filebeat -c filebeat.yml -path.logs $basepath/logs &到此为止,整个日志系统的监控平台安装完毕,后期将会慢慢研究怎么用的更好。