Logstash

https://www.elastic.co/cn/downloads/logstash

下载安装

1
2
3
4
wget https://artifacts.elastic.co/downloads/logstash/logstash-8.0.0-linux-x86_64.tar.gz
tar -zxvf  logstash-8.0.0-linux-x86_64.tar.gz -C /app/service/elk
mv logstash-8.0.0 logstash
mkdir -pv /app/data/Logstash && mkdir -pv /app/logs/Logstash

配置

vi /app/service/elk/config/logstash.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
node.name: logstash
path.data: /app/data/logstash
path.config: /app/conf/logstash
path.logs: /app/logs/logstash
log.level: debug
api.enabled: true
api.http.host: 127.0.0.1
api.http.port: 9600-9700
#api.auth.basic.username: "logstash-user"
#api.auth.basic.password: "s3cUreP4$$w0rD"
xpack.monitoring.enabled: true
#xpack.monitoring.elasticsearch.username: logstash_system
#xpack.monitoring.elasticsearch.password: password
xpack.monitoring.elasticsearch.hosts: ["https://127.0.0.1:9200"]
xpack.management.elasticsearch.hosts: ["http://127.0.0.1:9200"]

运行

1
2
export JAVA_CMD=/app/service/elk/jdk17/bin/java
export JAVA_HOME=/app/service/elk/jdk17
1
2
3
/app/service/elk/logstash/bin/logstash
## 运行成功以后输入以下语句检测是否成功
netstat -lantp | grep 5601

报错

1
tail -300f /var/log/messages