centos7.9环境安装kibana-8.8.2 logstash-8.8.2 elasticsearch-8.8.2 filebeat-8.8.2版本收集nginx日志-优快云博客

本文链接：https://blog.youkuaiyun.com/BY_xiaopeng/article/details/131576135

一、环境准备

1.架构图

在这里插入图片描述

2.环境准备

主机	操作系统	安装软件	ip
node01	CentOS7.9	nginx filebeat-8.8.2	172.11.0.90
node02	CentOS7.9	logstash-8.8.2	172.11.0.89
node03	CentOS7.9	elasticsearch-8.8.2 kibana-8.8.2	172.11.0.88

二、节点node01安装nginx和filebeat-8.8.2

1.安装nginx

yum -y install epel-release
yum install -y nginx
systemctl start nginx

查看nginx 日志：

cat /var/log/nginx/access.log
192.168.10.2 - - [06/Jul/2023:13:37:30 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
192.168.10.2 - - [06/Jul/2023:13:37:31 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
192.168.10.2 - - [06/Jul/2023:13:37:31 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
192.168.10.2 - - [06/Jul/2023:13:37:31 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"

2.安装filebeat-8.8.2

官方地址:链接

下载安装公开签名秘钥：

rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

配置RPM repo

cd /etc/yum.repos.d/
vim elastic.repo  
#添加以下内容
[elastic-8.x]
name=Elastic repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

安装filebeat-8.8.2

yum install -y filebeat-8.8.2
cd /etc/filebeat/
mv filebeat.yml filebeat.yml.bak
vim filebeat