ELK搜索条件

ELK搜索条件 1、要搜索一个确切的字符串,即精确搜索,需要使用双引号引起来:path:”/app/logs/nginx/access.log [阅读全文]

docker安装ELK和一些注意事项

环境介绍 Centos 7.2 + Docker 17.09.0-ce + Elasticsearch 5.6.3 + elasticsearch-head 5 拉取镜像 docker pull docker.elastic.co/elasticsearch/elasticsearch:5.6.3 docker pull mobz/elasticsearch-head:5 配置文件 elsasticsearch es1.yml cluster.name: “dali” node.name: node1 node.master: true node.data: true head插件设置 http.cors.enabled: true http.cors.allow-origin: “*” 关闭X-Pack xpack.security.enabled: false network.host: 0.0.0.0 discovery.zen.minimum_master_nodes: 1 es2.yml cluster.name: “dali” node.name: node2 [阅读全文]

docker部署3节点ELK集群

一、安装elasticsearch集群 3个节点执行: apt-get install openjdk-8-jdk docker pull elasticsearch:6.4.2 cat /etc/sysctl.conf 加一行 vm.max_map_count=655360 root@k8s01b:/data/<a href="http://yw8.tech/tag/elk/" title="查看与 elk 相关的文章" target="_blank">elk</a># cat es1.yml #集 [阅读全文]

filebeat + elk(docker容器日志收集方案)

https://www.jianshu.com/p/7f404e804463 filebeat 5.3.1 结合 rancher 和 data-volume 实现横向扩展 ELK Stack 6.x with docker 关于集群化可参考 :http://www.jianshu.com/p/9dfac37885cb http://blog.csdn.net/qq_39284787/article/details/78874132 http://blog.csdn.net/Raptor/article/details/77622114 用Do [阅读全文]

k8s日志收集方案

落盘了,然后filebeat收集, DOCKERFILE做镜像 root@wyw-PC:/home/wyw/service-test# cat Dockerfile #pull down OS image FROM harbor.xikang.com/microservice/openjre8-base:v3 #copy src into image ADD ./service-hi/ /opt/service-hi WORKDIR /opt/service-hi ENTRYPOINT ["./start.sh"] k8s 部署服务 root@rancher:~# cat testlog.yaml kind: Deployment apiVersion: extensions/v1beta1 metadata: name: log-vo1 spec: replicas: 2 template: metadata: [阅读全文]

logstash无法写入ES问题解决

curl -XPUT -H 'Content-Type: application/json' http://127.0.0.1:9200/_all/_settings -d '{"index.blocks.read_only_allow_delete": null}' 启动多个节点的ES后,ES开始推举master节点并同步分片shard数据到新ES节点上,此时观察Logstash日志抛出 [阅读全文]