Simple test record and linuxelk test record for installing elk in Linux

Simple test record and linuxelk test record for installing elk in Linux

Version:

1. elasticsearch-5.6.4.tar.gz

2. jdk-8u131-linux-x64.rpm

3.kibana-5.2.0-linux-x86_64.tar.gz

4.logstash-5.6.3.tar.gz

Next we need to have a virtual machine, and then enter the command yum install lrzsz (I used xshell to connect to the Linux virtual machine)

We pull these packages in, And then uninstall the jdk and command in Linux.

Rpm-qa | grep jdk (this is to view jdk)

Then uninstall the command

Rpm-e -- nodeps java-1.7.0-openjdk-1.7.0.45-2.4.3.3.el6.x86_64

Rpm-e -- nodeps java-1.6.0-openjdk-1.6.0.0-1.66.1.13.0.el6.x86_64

After the jdk is uninstalled, check whether the jdk still exists!

Rpm-qa | grep jdk

Install jdk, command

Rpm-ivh jdk-8u131-linux-x64.rpm

After the jdk is installed, we can find the jdk. The command is as follows:

Which java

Ls-lrt/usr/bin/java

Ls-lrt/etc/alternatives/java

Cd/usr/java/

Find it and rename it. The command is as follows:

Mv jdk1.8.0 _ 131/jkd8

Change it to a directory;

Mv jkd8 // usr/local/

Set global variables

Vim/etc/profile

Export JAVA_HOME =/usr/local/jdk8

Export PATH = $ PATH: $ JAVA_HOME/bin

Export CLASSPATH =.: $ JAVA_HOME/lib/dt. jat: $ JAVA_HOME/lib/tools. jar

Save and exit, and then make the variable take effect

Source/etc/profile

Next, decompress the package and rename it elasticsearch.

Tar-zxvf elasticsearch-5.6.4.tar.gz-C/usr/local/

Music elasticsearch-5.6.4/elasticsearch

Then go to the elasticsearch config file.

Modify the matching File

Vim elasticsearch. yml

Cluster. name: demo

Add the following configuration

Node. name: elk-1

Path. data:/usr/local/data/es-data

Path. logs:/var/log/es/

Bootstrap. memory_lock: true

Network. host: 0.0.0.0

Http. port: 9200

Save and exit, and then start it and try again. Go to the bin directory,

./Elasticsearch

Then we will find that an error is reported, so don't worry, and solve it step by step;

First, modify our user permissions. Because elasticsearch does not support root User Startup, I will create a common user to start elasticsearch.

Create Group

Groupadd elasticsearch

Create user

Useradd elasticsearch-g elasticsearch-p 123456

Next, we will create the created file.

Mkdir/usr/local/data

Mkdir/usr/local/data/es-data

Mkdir/var/log/es

Chown-R elasticsearch: elasticsearch/usr/local/data/es-data/

Chown-R elasticsearch: elasticsearch/var/log/es/

Chown-R elasticsearch: elasticsearch/usr/local/elasticsearch/

Then switch the user to start

Suelasticsearch

Then, an error will be reported. Next, I will write all the configurations that need to be modified.

Vim/etc/security/limits. conf

Add the following content:

* Soft nofile 65536

* Hard nofile 131072

* Soft nproc 2048

* Hard nproc 4096

Vim/etc/sysctl. conf

Add the following Configuration:

Vm. max_map_count = 655360

Vim/etc/security/limits. d/90-nproc.conf

* Soft nproc 2048

Vim elasticsearch/config/elasticsearch. yml

Cluster. name: demo

Node. name: elk-1

Path. data:/usr/local/data/es-data

Path. logs:/var/log/es/

Bootstrap. memory_lock: false

Bootstrap. system_call_filter: false

Network. host: 0.0.0.0

Http. port: 9200

Yuminstall-ylog4j * ### install the log4j package

Then start;

Then install logstash-5.6.3.tar.gz

Vim config/jvm. options

Modify the memory size to 512 MB or MB.

Then start

The first is to test whether the local machine is not connected to elasticsearch.

./Logstash-e 'input {stdin {}} output {stdout {}}'

The second is to test the connection to elasticsearch.

./Logstash-e 'input {stdin {}} output {elasticsearch {hosts => ["192.168.105.96: 9200"]} stdout {codec => rubydebug }}'