ELK yum 部署

1.1 jdk 部署

[root@localhost ~]# yum install java-1.8.0-openjdk -y

1.2 yum 源添加

[root@localhost ~]# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
[root@localhost ~]# cat /etc/yum.repos.d/elk.repo 
[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

1.3 logstash 安装

[root@localhost ~]# yum clean all
[root@localhost ~]# yum install logstash -y

1.4 elasticsearch 与 kibana 部署

[root@localhost ~]# yum install elasticsearch -y
[root@localhost ~]# yum install kibana -y

1.5 配置文件修改

[root@elk ~]# grep '^[^#;]' /etc/elasticsearch/elasticsearch.yml 
cluster.name: ELK-Study
node.name: ELK-Master
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.mlockall
network.host: 0.0.0.0
http.port: 9200

[root@elk logstash]# grep '^[^#;]' /etc/logstash/logstash.yml
path.data: /var/lib/logstash
path.config: /etc/logstash/conf.d
http.host: "192.168.1.22"
path.logs: /var/log/logstash

[root@elk logstash]# grep '^[^#;]' /etc/kibana/kibana.yml 
server.port: 5601
server.host: "192.168.1.22"
elasticsearch.url: "http://192.168.1.22:9200"
kibana.index: ".kibana"

1.6 服务启动

[root@localhost ~]# systemctl start elasticsearch
[root@localhost ~]# systemctl start kibana
[root@localhost ~]# systemctl start logstash

1.7 测试

• elasticsearch测试

  [root@localhost elasticsearch]# curl http://192.168.1.22:9200/_search?q=hello
  {"took":47,"timed_out":false,"_shards":{"total":1,"successful":1,"skipped":0,"failed":0},"hits":{"total":0,"max_score":null,"hits":[]}}
  

• kibana测试

  浏览器访问：http://192.168.1.22:5600
  

1.8 kibana 汉化

[root@localhost opt]# unzip Kibana_Hanization-master.zip 
[root@localhost opt]# cd Kibana_Hanization-master/
[root@localhost opt]# python main.py /usr/share/kibana/
[root@localhost opt]# systemctl restart kibana.service