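### Installation
> Import the signing key for the yum repository: `rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch`
>
> Install Logstash with yum: `yum install -y logstash`
>
> List the files Logstash installed: `rpm -ql logstash`
>
> Create a symlink so you do not have to type the install path every time you run the command (Logstash installs under /usr/share by default):
> `ln -s /usr/share/logstash/bin/logstash /bin/`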
### Installation from the yum repository
```
# Import the yum repository key:
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
cd /etc/yum.repos.d/
vim logstash.repo

# Contents of logstash.repo:
[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

# Install Logstash
yum clean all
sudo yum install logstash

# Start the Logstash service
systemctl start logstash.service

# Enable start at boot
systemctl enable logstash.service
```
```
# Simple example
bin/logstash -e 'input { stdin { } } output { stdout {} }'

# Input
input { ... }

# Filter
filter { ... }

# Output
output {
  # Standard output
  stdout {
    codec => rubydebug
  }
}
```
### Running Logstash from a configuration file
```
# bin/logstash -f logstash.conf

# Read log entries from a file
input {
  file {
    path => "/var/log/messages"
    type => "system"
    start_position => "beginning"
  }
}

output {
  # Send to Elasticsearch
  elasticsearch {
    hosts => ["192.168.10.224:9200"]
    index => "system-%{+YYYY.MM.dd}"
  }
}
```
### Practical configuration
```
input {
  file {
    path => "/var/log/messages"
    type => "system"
    start_position => "beginning"
  }
  file {
    path => "/var/log/secure"
    type => "secure"
    start_position => "beginning"
  }
  file {
    path => "/var/log/httpd/access_log"
    type => "http"
    start_position => "beginning"
  }
  file {
    path => "/usr/local/nginx/logs/elk.access.log"
    type => "nginx"
    start_position => "beginning"
  }
}

output {
  if [type] == "system" {
    elasticsearch {
      hosts => ["192.168.1.202:9200"]
      index => "nagios-system-%{+YYYY.MM.dd}"
    }
  }
  if [type] == "secure" {
    elasticsearch {
      hosts => ["192.168.1.202:9200"]
      index => "nagios-secure-%{+YYYY.MM.dd}"
    }
  }
  if [type] == "http" {
    elasticsearch {
      hosts => ["192.168.1.202:9200"]
      index => "nagios-http-%{+YYYY.MM.dd}"
    }
  }
  if [type] == "nginx" {
    elasticsearch {
      hosts => ["192.168.1.202:9200"]
      index => "nagios-nginx-%{+YYYY.MM.dd}"
    }
  }
}
```
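
The four conditionals above differ only in the index suffix, which is the event's `type`. As an added example (not part of the original page), the same routing can use a single output that builds the index name from `type`, guarded by an allow-list so an unexpected value cannot create an arbitrary index. The fallback file path is an assumption.

```logstash
# Added example: same inputs, host and index names as the configuration above.
input {
  file {
    path => "/var/log/messages"
    type => "system"
    start_position => "beginning"
  }
  file {
    path => "/var/log/secure"
    type => "secure"
    start_position => "beginning"
  }
  file {
    path => "/var/log/httpd/access_log"
    type => "http"
    start_position => "beginning"
  }
  file {
    path => "/usr/local/nginx/logs/elk.access.log"
    type => "nginx"
    start_position => "beginning"
  }
}

output {
  # Only known types may influence the index name. Without this guard,
  # an event with a missing or unexpected "type" would be written to an
  # index named after whatever that field contains.
  if [type] in ["system", "secure", "http", "nginx"] {
    elasticsearch {
      hosts => ["192.168.1.202:9200"]
      # Resolves to nagios-system-..., nagios-secure-..., nagios-http-...,
      # nagios-nginx-..., exactly as the four separate outputs do.
      index => "nagios-%{type}-%{+YYYY.MM.dd}"
    }
  } else {
    # Assumption: keep unrouted events in a local file for review instead
    # of silently dropping them. The path is hypothetical.
    file {
      path => "/var/log/logstash/unrouted-%{+YYYY.MM.dd}.log"
    }
  }
}
```

Check the syntax before restarting the service with `logstash -f logstash.conf --config.test_and_exit`.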