I am recording the ELK build again. Personally I find it very troublesome, and I suggest building it under Linux, where performance will be better, but I built mine under Windows, so I am recording it anyway. People with a poor memory like me still have to rely on written notes.
Brief introduction:
ELK consists of three open source tools: Elasticsearch, Logstash and Kibana.
Elasticsearch is an open source distributed search engine. Its features include: distributed operation, zero configuration, automatic discovery, automatic index sharding, an index replica mechanism, a RESTful-style interface, multiple data sources, automatic search load, and so on.
Logstash is a fully open source tool that collects, filters, and stores your logs for later use (for example, search).
Kibana is also an open source and free tool. It provides a friendly web interface for log analysis on top of Logstash and Elasticsearch, helping you summarize, analyze, and search important log data.
1. Structure of the log platform
2. Deployment environment
Windows 7
3. Installation Steps
(1) Download the required components, including Logstash, Kibana, Elasticsearch
Elasticsearch: https://download.elasticsearch.org/...p/elasticsearch/2.0.0/elasticsearch-2.0.0.zip
Logstash: https://download.elastic.co/logstash/logstash/logstash-2.0.0.zip
Kibana: https://download.elastic.co/kibana/kibana/kibana-4.2.0-windows.zip
(2) Unzip the files: create the folder "F:\elk" and extract all of the archives into it, which makes them easier to manage later.
(3) Installation of required components, including Logstash, Kibana, Elasticsearch
a) Install Elasticsearch as a Windows service: cd to the bin directory of the Elasticsearch folder and run "service install"; a prompt reports that the installation succeeded.
In cmd, run "service manager" to open the service management interface, where you can set the service to start automatically and start it.
Open 127.0.0.1:9200 in a browser; on success a JSON response appears.
(Note: in cmd, "cd .." returns to the parent directory, and "cd" followed by a directory name enters that directory.)
b) Install Logstash as a Windows service
Create a Logstash startup batch file:
Create a new run.bat file in the folder F:\elk\logstash\bin
The file contents are as follows:
logstash.bat agent -f logstash.conf
(The purpose of adding this batch file is to work around a problem that occurs after Logstash has been running for a period of time in a Windows environment.)
Download NSSM: https://nssm.cc/release/nssm-2.24.zip
Unzip it and copy nssm.exe from the nssm-2.24\win64 directory to the Logstash bin directory.
In cmd, run "nssm install logstash".
In the dialog that pops up, set:
Path: F:\elk\logstash\bin\run.bat
Startup directory: F:\elk\logstash\bin
On the Details tab, set the display name to Logstash.
On the Dependencies tab, set the dependent service to elasticsearch-service-x64.
Finally, click Install service; the installation succeeds.
You.conf is renamed to logstash_es.conf
The contents of the logstash_es.conf file are as follows:
input { stdin {} }
output {
  elasticsearch { hosts => "localhost" }
  stdout { codec => rubydebug }
}
c) Install Kibana as a Windows service: copy the NSSM file as before; the service path is kibana.bat, and the dependencies can be set to logstash and elasticsearch-service-x64.
(Note: if this last installation is unsuccessful, the dependency can be set to just elasticsearch-service-x64.)
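The NSSM dialog steps in b) and c) can also be scripted, which makes the install repeatable and lets you check the result afterwards. The following is an added example, not part of the original post; it assumes the F:\elk layout above, a Kibana folder at F:\elk\kibana, a service name of "kibana", and the single nssm.exe copied into the Logstash bin directory.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell prompt.
# Paths follow the F:\elk layout on this page; the Kibana folder name is an assumption.
$nssm = 'F:\elk\logstash\bin\nssm.exe'
$services = @(
    @{ Name = 'logstash'; App = 'F:\elk\logstash\bin\run.bat'; Dir = 'F:\elk\logstash\bin'
       Deps = @('elasticsearch-service-x64') },
    @{ Name = 'kibana'; App = 'F:\elk\kibana\bin\kibana.bat'; Dir = 'F:\elk\kibana\bin'
       Deps = @('elasticsearch-service-x64', 'logstash') }
)

foreach ($s in $services) {
    if (-not (Test-Path $s.App)) { throw "Missing $($s.App)" }
    # Same values as the Application, Details and Dependencies tabs of the NSSM dialog.
    $steps = @(
        @('install', $s.Name, $s.App),
        @('set', $s.Name, 'AppDirectory', $s.Dir),
        @('set', $s.Name, 'DisplayName', $s.Name),
        (@('set', $s.Name, 'DependOnService') + $s.Deps),
        @('set', $s.Name, 'Start', 'SERVICE_AUTO_START')
    )
    foreach ($step in $steps) {
        & $nssm $step   # an array passed to a native command becomes separate arguments
        if ($LASTEXITCODE -ne 0) { throw "nssm $($step -join ' ') failed" }
    }
}

# Starting the last service makes the service manager start its dependencies first.
Start-Service kibana

# Show which account each service runs as; NSSM services default to LocalSystem.
$names = @('elasticsearch-service-x64', 'logstash', 'kibana')
Get-WmiObject Win32_Service | Where-Object { $names -contains $_.Name } |
    Format-Table Name, StartName, StartMode, State -AutoSize

# Wait for Elasticsearch on loopback, then list any 9200 listener on another address.
$web = New-Object System.Net.WebClient
for ($i = 0; $i -lt 30; $i++) {
    try { $web.DownloadString('http://127.0.0.1:9200') | Out-Null; break }
    catch { Start-Sleep -Seconds 1 }
}
if ($i -eq 30) { throw 'Elasticsearch did not answer on 127.0.0.1:9200' }
$listening = netstat -ano | Where-Object { $_ -match '^\s*TCP\s+\S+:9200\s+\S+:0\s' }
$exposed = $listening | Where-Object { $_ -notmatch '\s(127\.0\.0\.1|\[::1\]):9200\s' }
if ($exposed) { Write-Warning ("Port 9200 listens beyond loopback:`n" + ($exposed -join "`n")) }
else { Write-Output 'Port 9200 is bound to loopback only.' }
```

Elasticsearch 2.0 has no built-in authentication, so the loopback check is worth rerunning whenever network.host is changed in elasticsearch.yml.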
Build Elk Log Analysis platform under Windows system