0.logstash的部分配置
output {
stdout {codec => rubydebug}
elasticsearch {
hosts => ["172.31.250.16:9200"]
index => "syslog-%{+YYY.MM.dd}"
user => "elastic"
password => "changeme"
}
}1.elasticsearch的配置文件
[dev@VM_0_1_centos config]$ cat elasticsearch.yml |egrep -v '^#'
cluster.name: wxqyh-dev-application
node.name: 1-9200
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["10.0.0.1", "10.0.0.3","10.0.0.4"]
action.auto_create_index: .security,.monitoring*,.watches,.triggered_watches,.watcher-history*
indices.query.bool.max_clause_count: 20480
indices.fielddata.cache.size: 20%2.kibana的配置文件
[root@rbtnode1 config]# egrep -v '^$|^#' kibana.yml
server.port: 80
server.host: "172.31.250.16"
elasticsearch.url: "http://172.31.250.16:9200"
elasticsearch.username: "elastic"
elasticsearch.password: "changeme"
logging.dest: /var/log/kibana.log
3.搭建集群的心得
装包--问题不大
修改配置
3.1.集群地址设置
通过 discovery.zen.ping.unicast.hosts 可以配置集群的主机地址,配置之后集群的主机之间可以自动发现,这里我配置的是内网地址
3.2.节点数目相关配置
可成为主节点的主机数目 / 2) + 1
3.3.kibana只要一个就可以了
用一个例子来演示会更加清晰
