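# Download the Filebeat 7.6.1 RPM and the SHA-512 checksum file that Elastic
# publishes next to it.
wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.1-x86_64.rpm
wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.1-x86_64.rpm.sha512
# Import Elastic's package-signing key so rpm can verify the RPM signature.
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
# Install only when the checksum and the signature check both pass: the
# package is installed as root, so an unverified download is a supply-chain risk.
sha512sum -c filebeat-7.6.1-x86_64.rpm.sha512 \
  && rpm -K filebeat-7.6.1-x86_64.rpm \
  && rpm -ivh filebeat-7.6.1-x86_64.rpm
# The filebeat.yml edited in the next step is expected in this directory.
cd /etc/filebeat
# Enable start on boot
systemctl enable filebeat
# Check the Filebeat service status
systemctl status filebeat
# Start
systemctl start filebeat
# Stop (listed for reference; run it only when the shipper should be stopped)
systemctl stop filebeat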
修改配置
filebeat.yml
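#=========================== Filebeat inputs =============================
filebeat.inputs:
  # Boot log, tagged service=boot so Logstash can route it to its own index.
  - type: log
    enabled: true
    paths:
      - /var/log/boot.log
    fields:
      service: boot
  # Every file matching /var/log/*.log, tagged service=varlog.
  # NOTE(review): this glob also matches /var/log/boot.log, so that file is
  # claimed by both inputs; consider exclude_files on this input.
  # NOTE(review): logs under /var/log may contain sensitive entries; confirm
  # that everything matched here is meant to leave the host.
  - type: log
    enabled: true
    paths:
      - /var/log/*.log
    fields:
      service: varlog
#----------------------------- Logstash output --------------------------------
output.logstash:
  # The Logstash hosts
  # NOTE(review): no ssl.* settings are configured, so events reach Logstash
  # unencrypted and the server is not authenticated. Set
  # ssl.certificate_authorities here (and enable SSL on the beats input)
  # before using this outside an isolated network.
  hosts: ["172.21.28.138:5044"]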
先看 elk安装配置 https://www.jianshu.com/p/3043c1644868
logstash.conf
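input {
  # Receives events from Filebeat (output.logstash points at port 5044).
  # NOTE(review): no ssl options are set, so any host that can reach this
  # port can submit events and the traffic is unencrypted.
  beats {
    port => 5044
  }
  # Raw TCP listener with no authentication.
  # NOTE(review): events arriving here carry no [fields][service] value, so
  # they match neither output branch below; restrict or remove this input if
  # it is unused.
  tcp {
    port => 5000
  }
}
output {
  # Route by the fields.service tag that filebeat.yml attaches to each input.
  # The password is read from "${ES_PWD}" rather than a literal in this file.
  # ES_PWD is an example name: define it in the Logstash keystore or the
  # service environment, and use a strong value.
  # NOTE(review): "elastic" is the built-in superuser; a dedicated account
  # limited to writing these indices is the least-privilege choice.
  # NOTE(review): hosts has no https:// scheme, so the credentials presumably
  # travel over plain HTTP; confirm and enable TLS.
  if [fields][service] == "varlog" {
    elasticsearch {
      hosts => "172.21.28.138:9200"
      index => "var-log-%{+YYYY.MM.dd}"
      user => "elastic"
      password => "${ES_PWD}"
    }
  }
  if [fields][service] == "boot" {
    elasticsearch {
      hosts => "172.21.28.138:9200"
      index => "boot-log-%{+YYYY.MM.dd}"
      user => "elastic"
      password => "${ES_PWD}"
    }
  }
}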