install Filebeat
下载
[centos@us-prod-ops-logan-2 app]$ pwd /data/app [centos@us-prod-ops-logan-2 app]$ wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.17.5-linux-x86_64.tar.gz [centos@us-prod-ops-logan-2 app]$ tar zxf filebeat-7.17.5-linux-x86_64.tar.gz [centos@us-prod-ops-logan-2 app]$ cd filebeat-7.17.5-linux-x86_64 [centos@us-prod-ops-logan-2 filebeat-7.17.5-linux-x86_64]$ mkdir config [centos@us-prod-ops-logan-2 filebeat-7.17.5-linux-x86_64]$ cd config/
配置filebeat
[centos@us-prod-ops-logan-2 config]$ cat filebeat.yml filebeat.inputs: #收集日志 - type: log #类型 enabled: true #始终收集 paths: - /data/logs/logan-server/error.log - /data/logs/logan-server/info.log fields: type: 'ops-logan' multiline.type: pattern multiline.pattern: '^\[' multiline.negate: true multiline.match: after multiline.timeout: 3s ignore_older: 24h processors: - drop_fields: fields: ["agent","metadata","sort","beat","input_type","offset","input","prospector"] setup.ilm.enabled: false setup.template.settings: index.number_of_shards: 3 index.number_of_replicas: 1 output.elasticsearch: hosts: ["10.0.3.174:9200"] protocol: http username: "elastic" password: "root2758!@@" indices: - index: "ops-logan-%{+yyyy.MM.dd}" when.equals: fields.type: 'ops-logan'
启动filebeat
[centos@us-prod-ops-logan-2 filebeat-7.17.5-linux-x86_64]$ pwd /data/app/filebeat-7.17.5-linux-x86_64 [centos@us-prod-ops-logan-2 filebeat-7.17.5-linux-x86_64]$ ./filebeat -c config/filebeat.yml & [1] 1414
查看es数据
启动脚本
vim /usr/lib/systemd/system/filebeat.service [Unit] Description=filebeat server daemon Documentation=/data/app/filebeat-7.17.4-linux-x86_64/filebeat -help Wants=network-online.target After=network-online.target [Service] User=centos Group=centos Environment="BEAT_CONFIG_OPTS=-c /data/app/filebeat-7.17.4-linux-x86_64/config/filebeat.yml" ExecStart=/data/app/filebeat-7.17.4-linux-x86_64/filebeat $BEAT_CONFIG_OPTS Restart=always [Install] WantedBy=multi-user.target
启动服务
systemctl daemon-reload systemctl restart filebeat.service
继续阅读
评论