使用docker将elasticsearch5 + kibana5 + logstash5运行起来
请提供以下信息。
请提供以下内容。
请参考以下内容。
请参阅以下内容。
请考虑以下建议。
请参照以下提示。
请查看以下内容。
-
- Figure out what’s up with 5.0 · Issue #98 · docker-library/elasticsearch
-
- dockerhub elasticsearch
-
- dockerhub kibana
- logstashでapacheのアクセスログをelasticsearchに送信し、kibanaでグラフ表示 – Qiita
docker-compose.yml 文件
es:
image: elasticsearch:5
ports:
- "9200:9200"
- "9300:9300"
volumes:
- ./es_config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
- ./es_data/:/usr/share/elasticsearch/data/
environment:
- ES_JAVA_OPTS=-Xms512M -Xmx512M
ki:
image: kibana:5
ports:
- "5601:5601"
links:
- es
environment:
- ELASTICSEARCH_URL=http://es:9200
5.0/config/elasticsearch.ymlを./es_config/elasticsearch.ymlに記述
network.host: 0.0.0.0
# this value is required because we set "network.host"
# be sure to modify it appropriately for a production cluster deployment
discovery.zen.minimum_master_nodes: 1
# sysctl -w vm.max_map_count=262144
docker-compose up
日志堆栈(deb)
LogstashからLogstash 5のdebインストールした
input { file { path=> "/var/log/apache2/access.log" } }
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
locale => "en"
}
mutate {
replace => { "type" => "apache_access" }
}
}
output {
elasticsearch { hosts => ["192.168.10.22:9200"] }
}
sudo /usr/share/logstash/bin/logstash --path.settings=/etc/logstash/ -f logstash.conf
- logstash2系の場合、/opt/logstash/bin/logstash -f logstash.conf
http://localhost:5601 にアクセスしログを受け取っていることを確認
日志传送批处理(容器化)
input { file { path=> "/var/log/apache2/access.log" } }
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
locale => "en"
}
mutate {
replace => { "type" => "apache_access" }
}
}
output {
elasticsearch { hosts => ["192.168.10.22:9200"] }
stdout { codec => rubydebug }
}
- root権限でlogstash起動
docker run \
-it --rm -v "$PWD":/config-dir \
-v /var/log/apache2/:/var/log/apache2/:ro \
logstash:5 \
gosu root logstash -f /config-dir/logstash.conf
