1.下载https://www.elastic.co/downloads/logstash到/usr/local/src
wget https://download.elastic.co/logstash/logstash/logstash-2.4.0.tar.gz
2.解压
tar -zxvf logstash-2.4..tar.gz -C /usr/local
3.创建配置文件
cd /usr/local/logstash/config
vi test.conf
输入
input {
file {
path => "/opt/boot/logs/*.log"
start_position => beginning
}
stdin {
}
}
filter {
#Only matched data are send to output.
}
output {
stdout {
codec => rubydebug
}
elasticsearch {
action => "index" #The operation on ES
codec => rubydebug
hosts => "192.168.235.32:9200" #ElasticSearch host, can be array.
index => "logstash-%{+YYYY.MM.dd}" #The index to write data to.
}
}
运行
bin/logstash -f test.conf
4.新建测试log文件
cd /opt/boot/logs
vim .log
写入测试数据:aa
5.打开kibana
新建index partner
查看
至此,简单完成了日志系统,生产中,可以通过Serilog等组件写日志,通过logstash监听,并写入els,并展示出来