ELK引入redis


數據庫最大瓶頸是IO,IO就是磁盤 

#網絡源

yum install epel-release -y 

yum install redis 

#redis配置

vim /etc/redis.conf 

# bind 0.0.0.0 listens on every network interface of this host. In this
# walkthrough Redis is reached from another machine, so a non-loopback address
# is needed; binding only the interface the Logstash hosts use and firewalling
# TCP 6379 to those hosts narrows who can connect.
bind 0.0.0.0 

# requirepass is the only access control shown in this configuration, and
# 123456 is a demo value that is trivially guessed. Use a long random string
# and keep it identical in the password setting of every Logstash redis plugin.
requirepass 123456 

#啟動redis

systemctl restart redis 

ps -ef | grep redis 

Logstash 配置(第一台機器,211,負責寫入 Redis;Redis 安裝在 215 機器上)

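# Shipper pipeline: tails two local log files and pushes every event onto a
# Redis list, which buffers the events until the indexer pipeline reads them.
input {
  # System log, tagged "syslog" so the reading side can route it.
  file {
    path => ["/var/log/messages"]
    type => "system"
    tags => ["syslog","test"]
    start_position => "beginning"
  }
  # Audit log, tagged "auth". These records are security-relevant and leave the
  # host through Redis, so the Redis hop needs the same care as the log itself.
  file {
    path => ["/var/log/audit/audit.log"]
    type => "system"
    tags => ["auth","test"]
    start_position => "beginning"
  }
}

filter {
}

output {
  redis {
    host => ["xxx.xxx.x.xxx:6379"]
    # The password is no longer written into this file. ${REDIS_PASSWORD} is
    # resolved when the pipeline loads, from the Logstash keystore or, failing
    # that, from an environment variable of that name. It must hold the same
    # value as requirepass on the Redis host.
    password => "${REDIS_PASSWORD}"
    db => "0"
    data_type => "list"   # events are appended to a Redis list
    key => "logstash"     # name of the list the events are pushed to
  }
}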

 

Logstash 配置(第二台機器,215,負責從 Redis 讀取)

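# Indexer pipeline: pops events from the Redis list filled by the shipper and
# writes them to Elasticsearch, one daily index per log category.
input {
  redis {
    host => "xxx.xxx.x.xxx"
    port => 6379
    # The password is no longer written into this file. ${REDIS_PASSWORD} is
    # resolved when the pipeline loads, from the Logstash keystore or, failing
    # that, from an environment variable of that name. It must hold the same
    # value as requirepass on the Redis host.
    password => "${REDIS_PASSWORD}"
    db => "0"
    data_type => "list"
    key => "logstash"
  }
}

filter {
}

# Routing relies on the first tag set by the shipper. Events whose type is not
# "system", or whose first tag is neither "syslog" nor "auth", match no branch
# and are not written anywhere.
output {
  if [type] == "system" {
    if [tags][0] == "syslog" {
      # Plain HTTP without credentials: only suitable on an isolated network.
      # With Elasticsearch security enabled, use https URLs and set the
      # plugin's user and password options.
      elasticsearch {
        hosts => ["http://xxx.xxx.x.xxx:9200","http://xxx.xxx.x.xxx:9200","http://xxx.xxx.x.xxx:9200"]
        index => "logstash-system-syslog-%{+YYYY.MM.dd}"
      }
      # Debug aid: prints every event to the Logstash console output.
      stdout { codec=> rubydebug }
    }
    else if [tags][0] == "auth" {
      elasticsearch {
        hosts => ["http://xxx.xxx.x.xxx:9200","http://xxx.xxx.x.xxx:9200","http://xxx.xxx.x.xxx:9200"]
        index => "logstash-system-auth-%{+YYYY.MM.dd}"
      }
      # Debug aid: audit records are echoed in full wherever this output is
      # captured, so remove it once the pipeline is verified.
      stdout { codec=> rubydebug }
    }
  }
}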

 

yum search openjdk

yum install java-1.8.0-openjdk -y 

 

官網下載頁:

https://redis.io/download

下載源碼包後,先將其 SHA-256 與官方公布的雜湊值(redis-hashes 倉庫)核對,再解壓編譯;下面的 make install 是以 root 身份執行的。

[root@bogon ~]# tar zxvf redis-4.0.14.tar.gz

 

[root@bogon ~]# cd redis-4.0.14/
[root@bogon redis-4.0.14]# make && make install

[root@bogon redis-4.0.14]# cd utils/
[root@bogon utils]#

[root@bogon utils]# ./install_server.sh    #初始化redis 

 

 #修改配置 

 [root@bogon utils]# vim /etc/redis/6379.conf

# Listens on every network interface. No requirepass line appears in this
# excerpt; if none is set elsewhere in the file, an explicit bind combined with
# no password means protected-mode does not reject remote clients, so any host
# that can reach TCP 6379 can read and write the queued log events.
# The Filebeat and Logstash examples on this page connect through 127.0.0.1;
# when every client is local, "bind 127.0.0.1" is sufficient.
bind 0.0.0.0
port 6379
# Run in the background as a daemon.
daemonize yes
logfile /var/log/redis_6379.log
# Working directory in which Redis writes its persistence files.
dir /usr/local/redis/data

[root@bogon utils]# systemctl start redis_6379
[root@bogon utils]# 

#systemctl enable redis_6379

[root@bogon utils]# systemctl start redis_6379
[root@bogon utils]#

[root@bogon utils]# redis-cli
127.0.0.1:6379>

 

 

 

 

如果讀取端的 logstash 沒有啟動,數據會一直留在 redis 裡;反之,logstash 啟動後會把數據取走,redis 裡就不再保留。

 

 

filebeat配置

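# Filebeat: tail the nginx access log and push each line onto a Redis list.
filebeat.inputs:
- type: log
  enabled: true
  backoff: "1s"
  tail_files: false          # start from the beginning of the file, not its end
  paths:
    - /var/log/nginx/access.log
  # Corrected from "fileds": that spelling is not the "fields" option, so the
  # filetype field would not have been added to the events.
  fields:
    filetype: logsnginxaccess
  fields_under_root: true    # place filetype at the top level of the event

output.redis:
  enabled: true
  hosts: ["127.0.0.1:6379"]
  port: 6379                 # redundant here: hosts already carries the port
  key: nginx                 # Redis list the events are pushed to
  db: 0
  datatype: list             # corrected from "dataytpe"
  # No password is configured, which only works while Redis runs without
  # requirepass. Once requirepass is set on the Redis side, add a matching
  # "password:" setting to this output.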

 

logstash配置
logstash-input-redis插件

/var/www/html/logstash7/config
[root@bogon config]#

# Reader pipeline for the nginx events that Filebeat queues in the local Redis.
input {
  redis {
    # Loopback connection without a password: this matches a Redis instance
    # that has no requirepass set.
    host      => "127.0.0.1"
    port      => 6379
    db        => 0
    data_type => "list"
    key       => "nginx"
  }
}

filter {
  # Sets @timestamp from a "timestamp" field in nginx access-log date format.
  # No filter shown here extracts that field from the log line; when the event
  # lacks it, the date filter leaves @timestamp unchanged.
  date {
    target => "@timestamp"
    match  => ["timestamp", "dd/MMM/yyyy:HH:mm:ss Z"]
  }
}

output {
  # One index per day on the local Elasticsearch node.
  elasticsearch {
    index => "nginx-%{+YYYY.MM.dd}"
    hosts => ["127.0.0.1:9200"]
  }
}

