当前位置: 首页 > news >正文

logstash入门学习

1、入门示例

1.1、安装

Redhat 平台

rpm --import http://packages.elasticsearch.org/GPG-KEY-elasticsearch
cat > /etc/yum.repos.d/logstash.repo <<EOF
[logstash-5.0]
name=logstash repository for 5.0.x packages
baseurl=http://packages.elasticsearch.org/logstash/5.0/centos
gpgcheck=1
gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch
enabled=1
EOF
yum clean all
yum install logstash

yum install -y java-1.8.0-openjdk

1.2Hello World

运行

/usr/share/logstash/bin/logstash -e 'input{stdin{}}output{stdout{codec=>rubydebug}}'

结果
在这里插入图片描述

1.3、其他

[root@db01-84-31 conf.d]# /usr/share/logstash/bin/logstash -f logstash.conf
--- jar coordinate com.fasterxml.jackson.core:jackson-annotations already loaded with version 2.7.1 - omit version 2.7.0
--- jar coordinate com.fasterxml.jackson.core:jackson-databind already loaded with version 2.7.1 - omit version 2.7.1-1
Logstash has a new settings file which defines start up time settings. This file is typically located in $LS_HOME/config or /etc/logstash. If you installed Logstash through a package and are starting it manually please specify the location to this settings file by passing in "--path.settings=/path/.." in the command line options {:level=>:warn}
Failed to load settings file from "path.settings". Aborting... {"path.settings"=>"/usr/share/logstash/config", "exception"=>Errno::ENOENT, "message"=>"No such file or directory - /usr/share/logstash/config/logstash.yml", :level=>:fatal}
[root@db01-84-31 conf.d]# touch /usr/share/logstash/config/logstash.yml
touch: 无法创建"/usr/share/logstash/config/logstash.yml": 没有那个文件或目录
[root@db01-84-31 conf.d]# mkdir /usr/share/logstash/config/
[root@db01-84-31 conf.d]# touch /usr/share/logstash/config/logstash.yml
[root@db01-84-31 conf.d]# cat logstash.conf
input{stdin{}
}filter{}output{stdout{codec=>rubydebug}
}
[root@db01-84-31 conf.d]#
[root@db01-84-31 conf.d]# /usr/share/logstash/bin/logstash -f logstash.conf
--- jar coordinate com.fasterxml.jackson.core:jackson-annotations already loaded with version 2.7.1 - omit version 2.7.0
--- jar coordinate com.fasterxml.jackson.core:jackson-databind already loaded with version 2.7.1 - omit version 2.7.1-1
Pipeline main started
12345678910
{"@timestamp" => 2024-08-21T04:05:46.003Z,"@version" => "1","host" => "db01-84-31","message" => "12345678910"
}

2、插件配置

[root@db01-84-31 conf.d]# /usr/share/logstash/bin/logstash-plugin --help
Usage:bin/logstash-plugin [OPTIONS] SUBCOMMAND [ARG] ...Parameters:SUBCOMMAND                    subcommand[ARG] ...                     subcommand argumentsSubcommands:install                       Install a pluginuninstall                     Uninstall a pluginupdate                        Update a pluginpack                          Package currently installed pluginsunpack                        Unpack packaged pluginslist                          List all installed pluginsgenerate                      Create the foundation for a new pluginOptions:-h, --help                    print help

2.1、input详解

https://elkguide.elasticsearch.cn/logstash/plugins/input/

读取文件(File)

分析网站访问日志应该是一个运维工程师最常见的工作了。所以我们先学习一下怎么用 logstash 来处理日志文件。

配置示例

input {file {path => ["/var/log/*.log", "/var/log/message"]type => "system"start_position => "beginning"}
}
 elasticsearch {hosts => ["192.168.84.71:9200"]index => "nginxlog"flush_size => 20000idle_flush_time => 10}
http://www.lryc.cn/news/429879.html

相关文章:

  • 【代码】Swan-Transformer 代码详解(待完成)
  • iframe.contentDocument 和document.documentElement的区别
  • 计算机操作员试题(中篇)
  • 车规级MCU「换道」竞赛
  • 数学生物学-2-离散时间模型(Discrete Time Models)
  • 免费开源!AI视频自动剪辑已成现实!效率提升80%,打工人福音!(附详细教程)
  • NtripShare全站仪自动化监测之气象改正
  • 【人工智能】项目案例分析:使用自动编码器进行信用卡欺诈检测
  • 【工控】线扫相机小结
  • 将Web应用部署到Tomcat根目录的三种方法
  • 工业和信息化部教育与考试中心计算机相关专业介绍
  • 第二证券:生物天然气线上交易达成 创新探索互联互通、气证合一
  • 重磅!RISC-V+OpenHarmony平板电脑发布
  • [DL]深度学习_扩散模型
  • AI学习记录 - 如何快速构造一个简单的token词汇表
  • JAVA中的数组流ByteArrayOutputStream
  • S3C2440中断处理
  • 《数据分析与知识发现》
  • IaaS,PaaS,aPaaS,SaaS,FaaS,如何区分?
  • 软件测试工具分享
  • word翻译工具有哪些?5个工具助你快速翻译Word文件
  • 【51单片机】ds18b20驱动,11.0592MHZ,使用DS18b20
  • Vue 导航条+滑块效果
  • Android:使用Gson常见问题(包含解决将Long型转化为科学计数法的问题)
  • 【Win开发环境搭建】Redis与可视化工具详细安装与配置过程
  • Compose知识分享
  • python-study-day5
  • Telegram mini app 本地开发配置
  • python发票查验接口助您拒绝做糊涂账、发票ocr
  • 【Linux】线程控制|POSIX线程库|多线程创建|线程终止|等待|线程分离|线程空间布局