One: Install Elasticsearch
Download and extract Elasticsearch
Go directly to the official website (https://www.elastic.co/cn/downloads/elasticsearch) and download the Elasticsearch build for your own system. The latest version here is 6.1.1. Then unzip it and place it in a suitable directory, for example under /usr/local.
Elasticsearch directory layout
bin: scripts for running Elasticsearch instances and managing plug-ins
config: configuration files, including elasticsearch.yml
data: the location of the data files for each index/shard on the node
lib: the .jar files that Elasticsearch itself uses
logs: log files
modules
plugins: where installed plug-ins are stored
Start Elasticsearch
Switch to the Elasticsearch directory, and then run the elasticsearch script under bin
cd /usr/local/elasticsearch-6.1.1
./bin/elasticsearch
./bin/elasticsearch starts in the foreground. To start in the background, use the -d parameter: ./bin/elasticsearch -d
REST Access
Elasticsearch listens on port 9200. It can be accessed directly from the browser at http://localhost:9200/ or with the curl command:
curl -XGET 'http://localhost:9200'
{
  "name" : "Xv7dtds",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "4-7jtdmbsasmws83wgavtg",
  "version" : {
    "number" : "6.1.1",
    "build_hash" : "bd92e7f",
    "build_date" : "2017-12-17T20:23:25.338Z",
    "build_snapshot" : false,
    "lucene_version" : "7.1.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}
Stop Elasticsearch
If you started in foreground mode, press CTRL + C to stop Elasticsearch.
Two: Install the IK analyzer
Word segmentation is a very important part of full-text indexing. Elasticsearch does not support Chinese word segmentation; the IK analyzer does.
Download elasticsearch-analysis-ik
Download the elasticsearch-analysis-ik analyzer directly from GitHub. Note that the version of the analyzer must match the version of Elasticsearch. The download address is https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v6.1.1/elasticsearch-analysis-ik-6.1.1.zip. To download the build for your own Elasticsearch version, change 6.1.1 in the address accordingly.
Installing the IK analyzer
Unzip elasticsearch-analysis-ik-6.1.1.zip, place the extracted elasticsearch directory under the plugins directory of the Elasticsearch installation, and then restart Elasticsearch.
Test the IK analyzer
curl -XGET -H 'Content-Type: application/json' 'http://localhost:9200/_analyze?pretty' -d '{
  "analyzer": "ik_max_word",
  "text": "The national anthem of the People'\''s Republic of China"
}'
Three: Install Kibana
Kibana is an open-source analysis and visualization platform designed to work with Elasticsearch. Kibana provides the ability to search, view, and interact with data stored in Elasticsearch indices. Developers or operations staff can easily perform advanced data analysis and visualize data in a variety of charts, tables, and maps.
Download and Unzip
Download Kibana from the official website https://www.elastic.co/downloads/kibana and extract it to a suitable directory. The downloaded version must match the version of Elasticsearch.
Configure elasticsearch.url
Edit the config/kibana.yml file in the Kibana directory. The elasticsearch.url setting is commented out; uncomment it.
Start Kibana
Switch to the Kibana directory and start it
cd /usr/local/kibana-6.1.1
./bin/kibana
Visit: http://localhost:5601/
Four: Install X-Pack
Note: Kibana must be installed before X-Pack.
X-Pack installation: for a more detailed walkthrough, http://www.51niux.com/?id=210 is recommended.
X-Pack is an Elasticsearch extension pack that bundles security, alerting, monitoring, graph, and reporting functions in one easy-to-install package.
The official website has detailed instructions for the installation steps: https://www.elastic.co/downloads/x-pack
cd /usr/local/elasticsearch-6.1.1
# Enter y when prompted during installation
./bin/elasticsearch-plugin install x-pack
# Start ES
./bin/elasticsearch
# In another window, set up the passwords; enter y when prompted
cd /usr/local/elasticsearch-6.1.1
./bin/x-pack/setup-passwords auto
# Returned result
Changed password for user kibana
PASSWORD kibana = wz54ldefa+1n5c# #IAuF
Changed password for user logstash_system
PASSWORD logstash_system = e6&gqow5tp-? JJMLSHJS
Changed password for user elastic
PASSWORD elastic = @Dc? $qz 3w6ezf%juwkd+
cd /usr/local/kibana-6.1.1
# The installation process is slow
./bin/kibana-plugin install x-pack
# Configure the user name and password in kibana.yml
elasticsearch.username: "kibana"
# The password is the one generated automatically by the step above
elasticsearch.password: "wz54ldefa+1n5c# #IAuF"
After installation, access http://localhost:5601/ and log in with user name: elastic, password: @Dc? $qz 3w6ezf%juwkd+
Note: The elastic user has the superuser role, and a superuser can run ES API operations in Dev Tools. The kibana user has the kibana_system role. Under Management you can manage users: create users, modify passwords (for convenience, the password is changed to 123456 here), assign permissions, and so on.
Dev Tools: a simplified alternative to curl for operating ES. You only specify the HTTP verb, the API path, and the parameters. For example:
PUT /megacorp/employee/1
{
  "first_name": "John",
  "last_name": "Smith",
  "age": 25,
  "about": "I love to go rock climbing",
  "interests": ["sports", "music"]
}
Monitoring: used for monitoring the cluster
# -i: displays the response headers
# -u: sets the user name and password
# -H: sets a request header, here the format of the request body
# -X: specifies the HTTP verb
# Adding ?pretty to the path formats the response so that the output is easier to read
curl -XGET -i -u elastic:123456 -H 'Content-Type: application/json' 'http://localhost:9200/_analyze?pretty' -d '{
  "analyzer": "ik_max_word",
  "text": "The national anthem of the People'\''s Republic of China"
}'
Response status codes commonly used by ES:
200 OK - generally indicates that the operation succeeded
404 Not Found - returned when a document is not found at query time
201 Created - typically returned when a document has been created successfully
409 Conflict - generally returned when creating or updating a document fails because of a conflict
Problem
When logging in to Kibana, the user name and password cannot be entered and the page shows "Login is currently disabled. Administrators should consult the Kibana logs for more details."
You need to regenerate the passwords and then configure the elastic user name and password in kibana.yml
./bin/x-pack/setup-passwords auto
elasticsearch.username: "elastic"
elasticsearch.password: "<pwd>"
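Because kibana.yml now holds a credential in plaintext, the following added check (not part of the original article) audits a kibana.yml for three things this setup can leave behind: a file mode readable by other users, the elastic superuser as the Kibana service account, and a short password such as 123456. The helper names audit_kibana_yml and yml_value and the 12-character minimum are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original article): audit a kibana.yml produced
# by the steps above. audit_kibana_yml and yml_value are hypothetical helpers.
# Prints one line per finding and returns the number of findings (0 = clean).

# Print the value of a top-level "key: value" line, without surrounding quotes.
yml_value() {
  sed -n -E "s/^$1:[[:space:]]*//p" "$2" | tail -n 1 |
    sed -E "s/[[:space:]]*\$//; s/^[\"'](.*)[\"']\$/\1/"
}

audit_kibana_yml() {
  local file mode user pass n
  file=$1; n=0
  [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 99; }

  # 1. The file stores a password in plaintext: no group/other access.
  mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
  if [ $(( 0$mode & 077 )) -ne 0 ]; then
    echo "FINDING: $file has mode $mode; restrict it with chmod 600"
    n=$((n + 1))
  fi

  user=$(yml_value 'elasticsearch\.username' "$file")
  pass=$(yml_value 'elasticsearch\.password' "$file")

  # 2. Kibana should connect as the built-in kibana user (kibana_system role),
  #    not as the elastic superuser.
  if [ "$user" = "elastic" ]; then
    echo "FINDING: elasticsearch.username is the elastic superuser"
    n=$((n + 1))
  fi

  # 3. Short passwords such as 123456. The 12-character minimum is an
  #    assumption of this example, not an Elastic requirement.
  if [ -n "$user" ] && [ "${#pass}" -lt 12 ]; then
    echo "FINDING: elasticsearch.password is shorter than 12 characters"
    n=$((n + 1))
  fi
  return "$n"
}

# Usage: sh audit.sh /usr/local/kibana-6.1.1/config/kibana.yml
[ $# -eq 0 ] || audit_kibana_yml "$1"
```

The exit status equals the number of findings, so the script can gate a deployment step.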
Install Logstash
This part is not required and can be ignored.
Logstash is a lightweight log collection and processing framework. It makes it easy to collect scattered, diverse logs, apply custom processing, and then forward them to a specific destination, such as a server or a file. It can aggregate many types of data, normalize data with different schemas and formats, be quickly extended to custom log formats, and have plug-ins added easily for custom data sources. Logstash is developed in JRuby and itself supports plug-ins.
ELK: an open-source distributed log analysis and search platform
E: Elasticsearch, responsible for data storage and querying
L: Logstash, responsible for filtering and parsing log data
K: Kibana, responsible for the web front-end presentation
Start
./logstash -e 'input { stdin {} } output { stdout {} }'
Pay attention to the installed JDK version. If the following error is reported at startup, the JDK version is probably too low:
NameError: cannot link Java class org.logstash.RubyUtil org/logstash/RubyUtil: Unsupported major.minor version 52.0
input: used to process input
filter: used to process filtering
output: used to process output
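input {
  file {
    # Path of the log file(s) to read
    path => ""
    # Read the file from the start instead of only new lines
    start_position => "beginning"
  }
}
filter {
}
output {
  # With X-Pack security enabled, this output also needs the user and password options
  elasticsearch {}
  stdout {}
}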