Home > Others

Elk installation Process

Source: Internet
Author: User
Tags curl pack zip kibana logstash
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
1. Create Elk users

You must create a elk user, and if you do not create a dedicated user, the following steps will cause an error when the Elk component is turned on by the root user. 2. Switch Elk User, download the Elk component in the Elk folder below home 2.1. Download Elasticsearch

[Root@localhost elk]# su Elk
[elk@localhost ~]$ pwd
/home/elk
[elk@localhost ~]$ wget https:// Artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.4.3.tar.gz

Unzip the tar package

[Elk@localhost ~]$ TAR-XVF elasticsearch-5.4.3.tar.gz

Enter elasticsearch-5.4.3

[Elk@localhost ~]$ CD elasticsearch-5.4.3

Modify the elasticsearch.yml file in config

Modified: Cluster.name: And Node.name: (can also use default)
Modified: Network.host: For 0.0.0.0
Modified: Http.port: For 9200
Save exit.

Start Elasticsearch:
to elk Users, start in the Elasticsearch directory:

[Elk@localhost elasticsearch-5.4.3]$ bin/elasticsearch     #前台运行
#或者
[Elk@localhost elasticsearch-5.4.3]$ bin/elasticsearch-d  #后台运行
[elk@localhost ~]$ Curl http://localhost:9200 
# # #返回以下内容则成功: # # #
Enter Host password for user ' elastic ':
{
  "name": "Elk-1", "
  cluster_name": "Elastic-cluster",
  "Cluster_ UUID ":" mfp7_aauqyiy190wwbk53g ",
  " version ": {
    " number ":" 5.4.3 ",
    " Build_hash ":" Eed30a8 ",
    " Build_date ":" 2017-06-22t00:34:03.743z ",
    " Build_snapshot ": false,
    " lucene_version ":" 6.5.1 "
  },
  "tagline": "You Know, for Search"
}

Startup Elascricsearch encountered an error

Encountered these two errors
1, Error:bootstrap checks failed
Max virtual Memory Areas Vm.max_map_count [65530] is too low, increase to at least [262144]

2, Error:bootstrap checks failed
System call filters failed to install; Check the logs and fix your configuration or disable system call filters at your own risk
I will not write, add a link: Click here, the error address

Install X-pack:

[Elk@localhost elasticsearch-5.4.3]$/bin/elasticsearch-plugin Install X-pack

(Time is longer)
You can also go to the official website to download x-pack, and then upload to the server and then install
Restart Elasticsearch x-pack Effective
Re-curl Http://localhost:9200-u elastic
Password: changeme 2.2, installation Logstash

Download Logstash

[Elk@localhost ~]$ wget https://artifacts.elastic.co/downloads/logstash/logstash-5.4.3.tar.gz
# # #解压
[ Elk@localhost ~]$ TAR-XVF logstash-5.4.3.tar.gz

Enter logstash-5.4.3

[Elk@localhost logstash-5.4.3]$ vim config/logstash.conf
# #内容:
Input {
    file {
            type = ' TypeName ' # Type title, used to differentiate (cannot be capitalized) path "
            /program Log path/*.log" #日志路径 (you can specify a file)
        codec + Multiline {
            pattern = =%{ Timestamp_iso8601:date} "#匹配 log lines that start with a time   can be matched with" ^\["if they start with []
            negate = true what
            =" Previous "
           }
           Start_position = "Beginning"
        }
      }
      output {
          elasticsearch {
              action = "Index"
              hosts = "127.0.0.1:9200" #elasticsearch地址和端口
              index = "logstash-%{type}-%{+yyyy. MM.DD} "# Output to ELA file name
              Document_type ="%{type} " 
              user =" Elastic "  #ela的用户名
              password =" Changeme "  #ela密码 (if it is installed, the password has been changed in Kibana, it must be modified here)
              }
      stdout {
          codec = Rubydebug
      }
    }

Test Logstash

[Elk@localhost logstash-5.4.3]$ bin/logstash-e ' input {stdin {}} ' output {stdout {codec=>rubydebug}} '
# # #然后你会发 Now the terminal is waiting for your input. No problem, hit Hello world, enter, and see what results will be returned. 
# # #出现如下结果
2017-02-23t08:34:25.661z c-101 Hello World

Start Logstash

[Elk@localhost logstash-5.4.3]$ nohup./bin/logstash-f config/logstash.conf &
2.3, installation Kibana

Download Kibana

[Elk@localhost ~]$ wget https://artifacts.elastic.co/downloads/kibana/kibana-5.4.3-linux-x86_64.tar.gz
[ Elk@localhost ~]$ TAR-ZXVF kibana-5.4.3-linux-x86_64.tar.gz

Enter kibana-5.4.3-linux-x86_64
Edit Config/kibana.yml

[Elk@localhost ~]$ cd kibana-5.4.3-linux-x86_64/
[elk@localhost kibana-5.4.3-linux-x86_64]$ vim config/ Kibana.yml
# # #内容修改
removed: server.port ago #
Modified: server.host: For 0.0.0.0
Modify: elasticsearch.url:http:// 127.0.0.1:9200 (Elasticsearch address)
modified:
elasticsearch.username: "User"
Elasticsearch.password: "Pass"
the user name and password for the elasticsearch.
# # #启动
[Elk@localhost kibana-5.4.3-linux-x86_64]$ nohup./bin/kibana &

Kibana Installation X-pack

[Elk@localhost kibana-5.4.3-linux-x86_64]$/bin/kibana-plugin install x-pack
# # #下载很慢 ~ may also be broken, so use wget direct download.
[Elk@localhost kibana-5.4.3-linux-x86_64]$ wget https://artifacts.elastic.co/downloads/kibana-plugins/ X-pack/x-pack-5.4.3.zip
# # #安装文件命令
[elk@localhost kibana-5.4.3-linux-x86_64]$./bin/kibana-plugin Install File:///home/elk/kibana-5.4.3-linux-x86_64/x-pack-5.4.3.zip 
# # # Restart Kibana, or you can mount the x-pack before booting

Browser Access http://IP:5601

Kibana Page Modify Login password
Modify the login password followed by modifying the corresponding Elasticsearch,logstash,kibana file.
Restart E, L, K 3, Precautions:

Open firewall ports.
If you read log logs from another group, add the Elk user to the group
such as: usermod-a-G Group name User name

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
unix installation process elk kibana elk logstash elk 6 elk syslog elk stack elk elasticsearch

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More