部署Kibana
docker run -d --restart=always --name kibana_yaming -v /home/yaming/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml -e ELASTICSEARCH_HOSTS=http://192.168.0.11:9210 -e ELASTICSEARCH_USERNAME=elastic -e ELASTICSEARCH_PASSWORD=Passwordny01! -e I18N_LOCALE=zh-CN -e SERVER_HOST=0.0.0.0 -p 5601:5601 kibana:7.6.2
创建配置文件
server.name: kibana
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://192.168.0.11:9210"]
xpack.monitoring.ui.container.elasticsearch.enabled: true
#设置kibana中文显示
i18n.locale: zh-CN
elasticsearch.username: "elastic"
elasticsearch.password: "Passwordny01!"
部署logstash
创建配置文件logstash.yml
http.host: "0.0.0.0"
path.config: /usr/share/logstash/config/conf.d/*.conf
path.logs: /usr/share/logstash/logs
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: Passwordny01!
xpack.monitoring.elasticsearch.hosts: ["http://192.168.0.11:9210"]
创建日志写入配置
input {
tcp {
mode => "server"
host => "0.0.0.0"
port => 4561
codec => json_lines
type => "yaming"
}
}
output {
if [type] == "yaming" {
elasticsearch {
hosts => ["192.168.0.11:9210"]
index => "logstash-%{type}-%{+YYYY.MM.dd}"
user => "elastic"
password => "Passwordny01!"
}
}
}
启动
docker run -d -p 5044:5044 -p 4561:4561 --name=logstash_yaming \
--restart=always --privileged=true\
-e ES_JAVA_OPTS="-Xms512m -Xmx512m" \
-v /home/yaming/logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml \
-v /home/yaming/logstash/conf.d:/usr/share/logstash/config/conf.d \
-v /home/yaming/logstash/logs:/usr/share/logstash/logs \
-d logstash:7.13.2
[2023-05-25T05:48:56,098][INFO ][logstash.inputs.tcp ][main][b587c45867949a2b051551a4cc7600bac4acaa803fad81bb8656cbb8b9a5439c] Starting tcp input listener {:address=>"0.0.0.0:4561", :ssl_enable=>false}
[2023-05-25T05:48:56,201][INFO ][logstash.agent ] Pipelines running {:count=>2, :running_pipelines=>[:main, :".monitoring-logstash"], :non_running_pipelines=>[]}
成功监听4561端口
