[TOC]
### 安裝
>下載yum源的密鑰認證: # `rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch `
>利用yum安裝logstash: # `yum install -y logstash`
>查看下logstash的安裝目錄 :# `rpm -ql logstash `
>創建一個軟連接,每次執行命令的時候不用在寫安裝路勁(默認安裝在/usr/share下)
> `ln -s /usr/share/logstash/bin/logstash /bin/`
### 安裝
```
#導入Yum源:
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
cd /etc/yum.repos.d/
vim logstash.repo
[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
#安裝Logstash
yum clean all
sudo yum install logstash
#啟動Logstash服務
systemctl start logstash.service
#設置開機自啟動
systemctl enable logstash.service
```
```
# 簡單示例
bin/logstash -e 'input { stdin { } } output { stdout {} }'
# 輸入
input { ... }
# 過濾器
filter { ... }
# 輸出
output {
# 標準輸出
stdout {
codec => rubydebug
}
}
```
### 配置文件運行 logstash
```
# bin/logstash -f logstash.conf
# 從文件讀取日志信息
input {
file {
path => "/var/log/messages"
type => "system"
start_position => "beginning"
}
}
output {
# 輸出到 elasticsearch
elasticsearch {
hosts => ["192.168.10.224:9200"]
index => "system-%{+YYYY.MM.dd}"
}
}
```
### 實戰配置
```
input {
file {
path => "/var/log/messages"
type => "system"
start_position => "beginning"
}
file {
path => "/var/log/secure"
type => "secure"
start_position => "beginning"
}
file {
path => "/var/log/httpd/access_log"
type => "http"
start_position => "beginning"
}
file {
path => "/usr/local/nginx/logs/elk.access.log"
type => "nginx"
start_position => "beginning"
}
}
output {
if [type] == "system" {
elasticsearch {
hosts => ["192.168.1.202:9200"]
index => "nagios-system-%{+YYYY.MM.dd}"
}
}
if [type] == "secure" {
elasticsearch {
hosts => ["192.168.1.202:9200"]
index => "nagios-secure-%{+YYYY.MM.dd}"
}
}
if [type] == "http" {
elasticsearch {
hosts => ["192.168.1.202:9200"]
index => "nagios-http-%{+YYYY.MM.dd}"
}
}
if [type] == "nginx" {
elasticsearch {
hosts => ["192.168.1.202:9200"]
index => "nagios-nginx-%{+YYYY.MM.dd}"
}
}
}
```
- 簡介
- PHP
- 字符串函數
- 數組函數
- 正則
- 加密函數
- 面向對象
- 關鍵字
- 設計模式
- 魔術方法
- 機制擴展
- 會話機制
- PHP框架
- laravel
- 問題
- swoole
- easyswoole
- workerman
- 數據庫
- Sphinx
- MongoDB
- MemCache
- Redis
- 基礎操作
- 數據類型
- 持久化
- 分布式鎖
- 內存模型
- redis高級特性
- MySql
- 基礎操作
- 數據類型
- 數據表引擎
- 鎖機制
- 事務處理
- 存儲過程
- 觸發器
- 索引
- 關聯查詢
- 分析SQL語句-優化查詢
- 分區分表
- 主從復制
- MySql安全性
- 網絡協議
- HTTP
- header詳解
- 狀態碼
- nginx-配置
- 邏輯算法
- 時間和空間復雜度
- 常見算法
- 數據結構
- 核心
- 進程、線程、協程
- 存儲容量-計量單位
- 開發軟件及配置
- 版本控制器
- Git
- Fidder
- Fidder-Android7
- 自動化部署
- Jenkins
- supervisor
- Elasticsearch
- LogStash
- RabbitMQ
- AB測試
- JAVA-JDK
- FileBeat
- PhpStorm
- Composer
- Linux
- API安全
- 高并發及大流量相關概念
- 網站優化
- WEB
- Electron