一、环境准备
1.架构图
2.环境准备
主机 | 操作系统 | 安装软件 | ip |
---|---|---|---|
node01 | CentOS7.9 | nginx filebeat-8.8.2 | 172.11.0.90 |
node02 | CentOS7.9 | logstash-8.8.2 | 172.11.0.89 |
node03 | CentOS7.9 | elasticsearch-8.8.2 kibana-8.8.2 | 172.11.0.88 |
二、节点node01安装nginx和filebeat-8.8.2
1.安装nginx
yum -y install epel-release
yum install -y nginx
systemctl start nginx
查看nginx 日志:
cat /var/log/nginx/access.log
192.168.10.2 - - [06/Jul/2023:13:37:30 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
192.168.10.2 - - [06/Jul/2023:13:37:31 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
192.168.10.2 - - [06/Jul/2023:13:37:31 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
192.168.10.2 - - [06/Jul/2023:13:37:31 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58" "-"
2.安装filebeat-8.8.2
官方地址:链接
- 下载安装公开签名秘钥:
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch
- 配置RPM repo
cd /etc/yum.repos.d/
vim elastic.repo
#添加以下内容
[elastic-8.x]
name=Elastic repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
- 安装filebeat-8.8.2
yum install -y filebeat-8.8.2
cd /etc/filebeat/
mv filebeat.yml filebeat.yml.bak
vim filebeat