docker搭建ELK日志采集系统(三)
参考:https://zhuanlan.zhihu.com/p/107346014?from_voters_page=true
环境:
| 服务器 | 系统 | IP | 掩码 |
| elk | centos 7 | 10.99.101.232 | 255.255.255.0 |
三、docker安装logstash
docker pull logstash:7.6.0
mkdir /home/elk/logstashconfig
vi /home/elk/logstashconfig/logstash.conf
input {
tcp {
port => 5044
codec => "plain"
}
}
filter{
}
output {
# 这个是logstash的控制台打印(进行安装调试的开启,稍后成功后去掉这个配置即可)
stdout {
codec => rubydebug
}
# elasticsearch配置
elasticsearch {
hosts => ["10.99.101.232:9200"]
}
}
docker run -di -p 5044:5044 -v /home/elk/logstashconfig/logstash.conf:/usr/share/logstash/pipeline/logstash.conf --name logstash --privileged=true logstash:7.6.0
docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8dac3cd3be1e logstash:7.6.0 "/usr/local/bin/do..." 11 seconds ago Up 11 seconds 0.0.0.0:5044->5044/tcp, 9600/tcp logstash
4cb4808e9edb kibana:7.6.0 "/usr/local/bin/du..." 2 hours ago Up 2 hours 0.0.0.0:5601->5601/tcp kibana
9073ef7cb7d3 elasticsearch:7.6.0 "/usr/local/bin/do..." 4 hours ago Up 2 hours 0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp elasticsearch
docker update --restart=always 8dac3cd3be1e
firewall-cmd --add-port=5044/tcp --permanent
firewall-cmd --add-port=9600/tcp --permanent
firewall-cmd --reload
