1. Setting up Elasticsearch
- [root@localhost local]# vim /etc/security/limits.conf
- Add the following lines to raise the Linux resource limits:

    * soft nproc 65536
    * hard nproc 65536
    * soft nofile 65536
    * hard nofile 65536

Create the user that runs ELK. Elasticsearch cannot be started directly as root, so create an elk user to start it.

    [root@localhost local]# groupadd elk
    [root@localhost local]# useradd -g elk elk

    vi /etc/sysctl.conf
    # Add the following parameter
    vm.max_map_count=655360

Create the ELK runtime directory:

    [root@localhost local]# mkdir /elk
    [root@localhost local]# chown -R elk:elk /elk

Edit the elasticsearch.yml file under conf in the Elasticsearch directory. Pay attention to the formatting.

    cluster.name: Tepusoft    # cluster name
    #
    # ------------------------------------ Node ------------------------------------
    #
    # Use a descriptive name for the node:
    #
    node.name: elk-1    ## node name
    #
    # Add custom attributes to the node:
    #
    #node.attr.rack: r1
    #
    # ----------------------------------- Paths ------------------------------------
    #
    # Path to directory where to store the data (separate multiple locations by comma):
    #
    path.data: /elk/es-data
    #
    # Path to log files:
    #
    path.logs: /elk/es-logs
    #
    # ----------------------------------- Memory -----------------------------------
    #
    # Lock the memory on startup:
    #
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    #
    # Make sure that the heap size is set to about half the memory available
    # on the system and that the owner of the process is allowed to use this
    # limit.
    #
    # Elasticsearch performs poorly when the system is swapping the memory.
    #
    # ---------------------------------- Network -----------------------------------
    #
    # Set the bind address to a specific IP (IPv4 or IPv6):
    #
    network.host: 192.168.5.132
    #
    # Set a custom port for HTTP:
    #
    http.port: 9200
    http.cors.enabled: true    # must be enabled
    http.cors.allow-origin: "*"    # must be enabled, otherwise the elasticsearch-head plugin cannot call the node and run
    #

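The configuration above binds the REST API to a LAN address, turns off the system call filter and allows every CORS origin. The script below is an added example, not part of the original guide: it reads an elasticsearch.yml and reports those three settings. The function names `es_setting`, `audit_es_yml` and `write_sample` are hypothetical, and the sample file is constructed from the values shown above.

```bash
# Added example, not from the original page. Function names are hypothetical.

# Print the effective value of a flat "key: value" setting: last uncommented
# occurrence, trailing inline comment and surrounding quotes removed.
es_setting() {
    awk -v k="$2" '
        /^[ \t]*#/ { next }                     # whole-line comment
        {
            line = $0
            sub(/[ \t]+#.*$/, "", line)         # inline comment
            i = index(line, ":")
            if (i == 0) next
            name = substr(line, 1, i - 1); val = substr(line, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            gsub(/^["\047]|["\047]$/, "", val)  # \047 is a single quote
            if (name == k) found = val
        }
        END { print found }
    ' "$1"
}

# Print one finding per line for the file given as $1.
audit_es_yml() {
    if [ "$(es_setting "$1" http.cors.enabled)" = "true" ] &&
       [ "$(es_setting "$1" http.cors.allow-origin)" = "*" ]; then
        echo "CORS_WILDCARD: any web origin may read REST API responses through a browser"
    fi
    if [ "$(es_setting "$1" bootstrap.system_call_filter)" = "false" ]; then
        echo "SYSCALL_FILTER_OFF: the seccomp system call filter is disabled"
    fi
    host=$(es_setting "$1" network.host)
    case $host in
        ""|localhost|127.*|::1|_local_) ;;
        *) echo "NON_LOOPBACK_BIND: REST API listens on $host; firewall the HTTP port" ;;
    esac
}

# Constructed sample: the active settings from the elasticsearch.yml above.
write_sample() {
    cat > "$1" <<'EOF'
network.host: 192.168.5.132
bootstrap.system_call_filter: false
http.cors.enabled: true #must be enabled
http.cors.allow-origin: "*" #must be enabled
EOF
}

sample=$(mktemp) && write_sample "$sample" && audit_es_yml "$sample"; rm -f "$sample"
```

To keep elasticsearch-head working without the wildcard, set `http.cors.allow-origin` to the single origin that serves the plugin.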
Set up a script to start the services at boot
- Install Logstash
- Install Kibana