A tutorial on using ELK+Redis to build a log analysis platform under Linux
http://www.alliedjeep.com/18084.htm
ELK log analysis combined with a Redis database makes a good log analysis platform. Below is a tutorial on building a log analysis platform with ELK+Redis under Linux; I hope the examples help.
This is the latest ELK+Redis log analysis platform build; the date of this writing is September 11, 2015.
ELK stands for Elasticsearch, Logstash and Kibana.
Official website: https://www.elastic.co/products
elasticsearch:
https://www.elastic.co/downloads/elasticsearch
https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.7.1.tar.gz
logstash:
https://www.elastic.co/downloads/logstash
https://download.elastic.co/logstash/logstash/logstash-1.5.4.tar.gz
kibana:
https://www.elastic.co/products/kibana
https://download.elastic.co/kibana/kibana/kibana-4.1.2-linux-x64.tar.gz
Let's start with the plan.
192.168.15.62 is the log view server; this machine needs four applications installed: Redis, Elasticsearch, Logstash and Kibana.
192.168.15.2 is the application server running Nginx; this time we only collect its logs for analysis.
Installation
# yum install vim unix2dos wget curl curl-devel expect expect-devel
# yum install gcc glibc glib2 libgcc glibc-devel glib2-devel
# yum install m4 automake autoconf cmake cpp
# yum install gcc-c++ libstdc++ libstdc++-devel libstdc++-docs
On the 192.168.15.62 machine:
Log in as root and work in root's home directory, "/root":
# wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.7.1.tar.gz
# wget https://download.elastic.co/logstash/logstash/logstash-1.5.4.tar.gz
# wget https://download.elastic.co/kibana/kibana/kibana-4.1.2-linux-x64.tar.gz
# wget http://download.redis.io/releases/redis-3.0.4.tar.gz
# tar -xvzf redis-3.0.4.tar.gz
# cd redis-3.0.4
# make
# make install
# cd utils
# ./install_server.sh
Redis is now installed.
# which redis-server
shows that the binary is in /usr/local/bin/redis-server.
The configuration file is placed in /etc/redis/6379.conf.
# redis-cli
> set AA aavalue
> get AA
can be used to test it.
# cd
# tar -xvzf elasticsearch-1.7.1.tar.gz
# cp -a elasticsearch-1.7.1 /usr/local
# cd /usr/local
# ln -s elasticsearch-1.7.1 elasticsearch
# cd
# tar -xvzf logstash-1.5.4.tar.gz
# cp -a logstash-1.5.4 /usr/local
# cd /usr/local
# ln -s logstash-1.5.4 logstash
# cd
# tar -xvzf kibana-4.1.2-linux-x64.tar.gz
# cp -a kibana-4.1.2-linux-x64 /usr/local
# cd /usr/local
# ln -s kibana-4.1.2-linux-x64 kibana
The program installation is complete.
Because Elasticsearch and Logstash are installed on the same machine, Elasticsearch is left with its default configuration.
# /usr/local/elasticsearch/bin/elasticsearch -d
(starts Elasticsearch in daemon mode)
Open 192.168.15.62:9200 to see that it is running.
Configuring the Logstash Program
# cd /usr/local/logstash
# mkdir etc logs
This creates two folders: etc for storing configuration files and logs for storing log files.
Create a central.conf configuration file in the etc directory:
The file defines a Redis input and an output to Elasticsearch, using JSON over the HTTP protocol.
Start the Logstash program
# /usr/local/logstash/bin/logstash agent --verbose --config /usr/local/logstash/etc/central.conf --log /usr/local/logstash/logs/stdou.log
Kibana is now at version 4 and comes with its own web server, on port 5601:
# cd /usr/local/kibana/bin/
# ./kibana
Running the kibana program is all that is needed.
Now it's time to open the Kibana page.
The server installation is complete; now set up log collection on the client (192.168.25.2).
# cd
# tar -xvzf logstash-1.5.4.tar.gz
# cp -a logstash-1.5.4 /usr/local
# cd /usr/local
# ln -s logstash-1.5.4 logstash
# cd /usr/local/logstash
Here too, run
# mkdir etc logs
to create the folders that store configuration files and log files.
# vim etc/logstash_agent.conf
Start the Logstash program.
# /usr/local/logstash/bin/logstash -f /usr/local/logstash/etc/logstash_agent.conf
This will pass the log to the log server.
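The page does not show the contents of central.conf or logstash_agent.conf. The following is an added example, not the original author's files, of a pair that matches the description (Redis input and Elasticsearch output over HTTP on the server, a Redis output on the client). Because the client reaches Redis on 192.168.15.62 across the network, it also sets a Redis password. The list key "logstash", the Nginx log path, the type label and the password placeholder are assumptions.

```conf
# ---- /etc/redis/6379.conf on 192.168.15.62 (only the added line) ----
# Placeholder value (constructed); replace it with a long random secret.
requirepass CHANGE_ME_PLACEHOLDER

# ---- /usr/local/logstash/etc/central.conf on 192.168.15.62 ----
input {
  redis {
    # Redis runs on the same machine as this Logstash instance.
    host      => "127.0.0.1"
    port      => 6379
    data_type => "list"
    # Assumed list name; it must match the key in the client's output.
    key       => "logstash"
    password  => "CHANGE_ME_PLACEHOLDER"
  }
}
output {
  elasticsearch {
    host     => "127.0.0.1"
    # JSON over HTTP, as the tutorial describes.
    protocol => "http"
  }
}

# ---- /usr/local/logstash/etc/logstash_agent.conf on the Nginx client ----
input {
  file {
    # Assumed Nginx access log location and type label.
    path => "/var/log/nginx/access.log"
    type => "nginx_access"
  }
}
output {
  redis {
    host      => "192.168.15.62"
    port      => 6379
    data_type => "list"
    key       => "logstash"
    password  => "CHANGE_ME_PLACEHOLDER"
  }
}
```

The three sections belong in three separate files; Redis has to be restarted after requirepass is added so that it takes effect.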
Open http://192.168.15.62:5601 to reach the Kibana page.
Configure:
You can now see the logs that were sent over.