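#!/bin/bash
##logstash binlog elasticsearch
#
# Installs Elasticsearch 6.6.1 and Logstash 6.6.1 from the TUNA mirror of the
# Elastic 6.x yum repository, then configures a Logstash pipeline that polls
# the MySQL table app_cron_log over JDBC once a minute and indexes the rows
# into the Elasticsearch index app_cron_log.
#
# Must be run as root: it writes under /etc and manages systemd units.
#
# Environment:
#   ES_BIND_HOST  address Elasticsearch binds to (default: 0.0.0.0, as in the
#                 original script).

# Stop at the first failed step so a failed package install is not followed by
# config writes and service restarts against a half-installed system.
set -euo pipefail

if [[ "${EUID}" -ne 0 ]]; then
  printf '%s\n' "this script must be run as root" >&2
  exit 1
fi

# NOTE(review): the elasticsearch.yml written below sets no authentication or
# TLS options, so with 0.0.0.0 the HTTP API on port 9200 is reachable on every
# interface of this host. Set ES_BIND_HOST to a specific internal address
# and/or firewall 9200 to the Logstash host(s) only.
readonly ES_BIND_HOST="${ES_BIND_HOST:-0.0.0.0}"

readonly ES_REPO_FILE=/etc/yum.repos.d/elasticsearch.repo
readonly ES_CONFIG=/etc/elasticsearch/elasticsearch.yml
readonly LOGSTASH_PLUGIN=/usr/share/logstash/bin/logstash-plugin
readonly PIPELINE_CONF=/etc/logstash/conf.d/omd_cronlog.conf

# --- Elasticsearch -----------------------------------------------------------

# Packages come from a third-party mirror; gpgcheck=1 together with the key
# fetched from artifacts.elastic.co over HTTPS is what ties them to Elastic's
# signing key, so keep gpgcheck enabled.
cat >"${ES_REPO_FILE}" <<'EOF'
[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://mirrors.tuna.tsinghua.edu.cn/elasticstack/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF

yum -y install elasticsearch-6.6.1
systemctl enable elasticsearch

# Unquoted heredoc delimiter: $(hostname) and ${ES_BIND_HOST} are expanded
# when the file is written. This replaces the packaged elasticsearch.yml.
cat >"${ES_CONFIG}" <<EOF
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: ${ES_BIND_HOST}
http.port: 9200
node.name: $(hostname)
EOF

systemctl restart elasticsearch

# --- Logstash ----------------------------------------------------------------

yum -y install logstash-6.6.1
"${LOGSTASH_PLUGIN}" install logstash-input-jdbc
"${LOGSTASH_PLUGIN}" install logstash-output-elasticsearch

# JDBC driver for MySQL; the pipeline below loads it from /usr/share/java.
yum install -y mysql-connector-java

# The pipeline file embeds the MySQL password in clear text, so create it with
# a restrictive umask and then grant read access only to the logstash group.
# NOTE(review): the password is still hard-coded in this script and equals the
# user name. Prefer a strong secret referenced as "${VAR}" in the pipeline and
# stored in the Logstash keystore, and rotate the current one.
# NOTE(review): last_run_metadata_path is a relative path; where it resolves
# depends on the Logstash service's working directory - confirm, or make it
# absolute.
# NOTE(review): both the JDBC connection and the Elasticsearch output are
# configured without TLS or credentials for Elasticsearch.
(
  umask 077
  cat >"${PIPELINE_CONF}" <<'EOF'
input {
  jdbc {
    jdbc_driver_library => "/usr/share/java/mysql-connector-java.jar"
    jdbc_driver_class => "com.mysql.jdbc.Driver"
    jdbc_connection_string => "jdbc:mysql://192.168.11.71:3306/omd"
    jdbc_user => "omd"
    jdbc_password => "omd"
    schedule => "* * * * *"
    statement => "SELECT * FROM app_cron_log WHERE start_time >= :sql_last_value"
    use_column_value => true
    tracking_column_type => "timestamp"
    tracking_column => "start_time"
    last_run_metadata_path => "syncpoint_omd_cronlog"
  }
}
#
#filter {
#  json {
#    source => "message"
#    remove_field => ["message"]
#  }
#  mutate {
#    remove_field => "@timestamp"
#    remove_field => "type"
#    remove_field => "@version"
#
#  }
#}
output {
  elasticsearch {
    hosts => "192.168.11.72:9200"
    index => "app_cron_log"
    document_id => "%{id}"
  }
}
EOF
)
# Assumes the logstash RPM created the "logstash" group the service runs
# under; under set -e the script stops here if it did not.
chown root:logstash "${PIPELINE_CONF}"
chmod 0640 "${PIPELINE_CONF}"

# As in the original, logstash is restarted but not enabled at boot.
systemctl restart logstash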