Win10搭建ELK8.0.0环境
2024-05-09 15:25:26
下载
参考官方下载地址。
Elasticsearch
配置
配置文件路径 .\elasticsearch-8.0.0\config\elasticsearch.yml# 主机 IP,尽量不要使用回环地址,而是要使用私网地址
network.host: 127.0.0.1# 端口
http.port: 9200# 禁止下载 Geoip
ingest.geoip.downloader.enabled: false# 配置跨域
http.cors.enabled: true
http.cors.allow-origin: "*"启动
运行 .\elasticsearch-8.0.0\bin\elasticsearch.bat 脚本即可。
首次启动会自动配置安全信息:
-> Elasticsearch security features have been automatically configured!
-> Authentication is enabled and cluster connections are encrypted.-> Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):DycJB*X5KOjHuTq33tIu-> HTTP CA certificate SHA-256 fingerprint:bb5dd53131d6e160892c406dc26e36963a5f8c32aa4c330b1e7b77aeac0ca45a-> Configure Kibana to use this cluster:
* Run Kibana and click the configuration link in the terminal when Kibana starts.
* Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):eyJ2ZXIiOiI4LjAuMCIsImFkciI6WyIxMjcuMC4wLjE6OTIwMCJdLCJmZ3IiOiJiYjVkZDUzMTMxZDZlMTYwODkyYzQwNmRjMjZlMzY5NjNhNWY4YzMyYWE0YzMzMGIxZTdiNzdhZWFjMGNhNDVhIiwia2V5IjoiSC01OVFIOEJhb25naHNKU0x6RE46R0x4NnRLTkpRVUN4VGx0b2d6MVVoUSJ9-> Configure other nodes to join this cluster:
* On this node:- Create an enrollment token with `bin/elasticsearch-create-enrollment-token -s node`.- Uncomment the transport.host setting at the end of config/elasticsearch.yml.- Restart Elasticsearch.
* On other nodes:- Start Elasticsearch with `bin/elasticsearch --enrollment-token <token>`, using the enrollment token that you generated.在 .\elasticsearch-8.0.0\config\elasticsearch.yml 中自动新增安全配置:
#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 28-02-2022 13:19:01
#
# --------------------------------------------------------------------------------# Enable security features
xpack.security.enabled: truexpack.security.enrollment.enabled: true# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:enabled: truekeystore.path: certs/http.p12# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:enabled: trueverification_mode: certificatekeystore.path: certs/transport.p12truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["DESKTOP-L24D7IP"]#----------------------- END SECURITY AUTO CONFIGURATION -------------------------启动成功:
使用 https 访问 https:127.0.0.1:9200,输入控制台中给出的账号密码:
可以看到启动成功了。 当然,账号密码可以自己设定:
bin/elasticsearch-reset-password -u elasticelasticsearch-head 插件
# github 地址
https://github.com/mobz/elasticsearch-head# npm 启动方式
git clone git://github.com/mobz/elasticsearch-head.git
cd elasticsearch-head
npm install
npm run start
open http://localhost:9100/如果遇到安装错误:
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! phantomjs-prebuilt@2.1.16 install: `node install.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the phantomjs-prebuilt@2.1.16 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.执行忽略脚本安装指令即可:
npm install phantomjs-prebuilt@2.1.16 --ignore-scripts最终完成启动:
还需要再配置 elasticsearch.yml 实现访问 https:
# 开启权限认证后,es-head-master 访问 es 需要的配置
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Typehttp://headIP:9100/?base_uri=https://ESIP:9200&auth_user=elastic&auth_password=yourPwd重置 Logstash 和 Kibana 账号密码
elasticsearch-reset-password -i -u username
Logstash
配置
# ------------ X-Pack Settings (not applicable for OSS build)--------------
#
# X-Pack Monitoring
# https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: logstash_system
#xpack.monitoring.elasticsearch.proxy: ["http://proxy:port"]
xpack.monitoring.elasticsearch.hosts: ["https://192.168.2.11:9200"]
# an alternative to hosts + username/password settings is to use cloud_id/cloud_auth
#xpack.monitoring.elasticsearch.cloud_id: monitoring_cluster_id:xxxxxxxxxx
#xpack.monitoring.elasticsearch.cloud_auth: logstash_system:password
# another authentication alternative is to use an Elasticsearch API key
#xpack.monitoring.elasticsearch.api_key: "id:api_key"
xpack.monitoring.elasticsearch.ssl.certificate_authority: "D:/elasticsearch-8.0.0/config/certs/http_ca.crt"
#xpack.monitoring.elasticsearch.ssl.truststore.path: path/to/file
#xpack.monitoring.elasticsearch.ssl.truststore.password: password
#xpack.monitoring.elasticsearch.ssl.keystore.path: /path/to/file
#xpack.monitoring.elasticsearch.ssl.keystore.password: password
xpack.monitoring.elasticsearch.ssl.verification_mode: certificate
xpack.monitoring.elasticsearch.sniffing: false
#xpack.monitoring.collection.interval: 10s
#xpack.monitoring.collection.pipeline.details.enabled: true在 config 目录下新建 logstash.conf 作为日志输入输出配置:
# logstash.conf 日志捕获从指定路径的 access.log 文件中获得
# 输出到 es 的 "access-%{+YYYY.MM.dd}" 索引中,索引不存在则自动创建
# 同时考虑到是 https 访问,需要配置 sslinput {file {type => "nginx_access"path => "D:/testlogs/access.log"}}output {elasticsearch {hosts => ["https://192.168.2.11:9200"]index => "access-%{+YYYY.MM.dd}"user => "logstash_system"password => "logstash_system"ssl => truessl_certificate_verification => truecacert => "D:/elasticsearch-8.0.0/config/certs/http_ca.crt"}stdout {codec => json_lines}}启动
D:\logstash-8.0.0\bin>logstash -f ../config/logstash.conf在往 access.log 写入数据时,同步到 es :
Kibana
配置
配置文件在 .\kibana-8.0.0\config\kibana.yml
# 注意:IP 地址切勿使用回环地址,应使用私网地址
# SSL 中的 PEM 证书使用 elasticsearch 中的证书# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: 192.168.2.11# The maximum payload size in bytes for incoming server requests.
server.maxPayload: 1048576# The Kibana server's name. This is used for display purposes.
server.name: "kibaba-host"# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["https://192.168.2.11:9200"]# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
elasticsearch.username: "kibana_system"
elasticsearch.password: "LO50Eqdeow7v2Q7PVpTb"# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
elasticsearch.pingTimeout: 1500# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
elasticsearch.requestTimeout: 30000# Enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
elasticsearch.ssl.certificateAuthorities: [ "D:/elasticsearch-8.0.0/config/certs/http_ca.crt" ]# To disregard the validity of SSL certificates, change this setting's value to 'none'.
elasticsearch.ssl.verificationMode: certificate启动
执行 .\kibana-8.0.0\bin\kibana.bat 即可。
访问 http://localhost:5601 时需要输入 elastic 管理员账号密码:
创建数据视图:
management/kibana/dataViews
创建模板为 access-* 的数据视图,自动匹配 access-2022.03.01 索引,不使用时间过滤器。
在 discover 页面就可以使用该数据视图,看到索引里面的数据。
Win10搭建ELK8.0.0环境相关推荐
- win10搭建android monkeyrunner自动化测试环境
本文记录一下monkeyrunner环境搭建遇到的各种坑,以免以后再次踩坑.首先要提一下巨坑,务必要安装java 8(本文记录于2023.3),安装其他版本java,运行monneyrunner会有很 ...
- Server 2016 + Win10 搭建CA证书登录环境
手记. 启动服务器管理器,添加角色和功能. 选择AD证书服务. 选择证书颁发机构Web注册. IIS一般默认,或者再勾上.Net/CGI相应部分,WCF则需要在添加功能时选择http激活. 安装等好. ...
- Win10搭建星际争霸2SC2LE环境
这几天尝试Windows搭建Deepmind的星际争霸2平台,翻了好多博客,感觉都写的不是很好,关键环境和库的下载没有整理出来.https://blog.csdn.net/woaipichuli/ar ...
- Win10搭建go语言开发环境
1.下载Go镜像: https://golang.google.cn/dl/ 有windows.mac.linux三种系统版本,我安装的是windows版本的.点击下载,下载下来是这样子的 双击进行安 ...
- win10+1050显卡+cuda9.0+cudnn7.6.5+pytorch1.1.0+py3.7(conda)安装+jupyter运行+pycharm运行(conda环境)
win10+1050显卡+cuda9.0+cudnn7.5+pytorch1.1.0安装 参考网址 安装cuda9.0 检查GPU显卡支持的cuda版本 linux下查看cuda版本 windows版 ...
- 深度学习环境配置Win10+CUDA+cuDNN+Tensorflow2.0+PyTorch1.2+Python3.7.6
系统环境:Win10 Python版本:3.7.6 CUDA版本:10.0 cuDNN版本:7.6.5 Tensorflow-gpu版本:2.0.1 PyTorch版本:1.2.0 深度学习环境配置W ...
- Anaconda3+python3.7.10+TensorFlow2.3.0+PyQt5环境搭建
Anaconda3+python3.7.10+TensorFlow2.3.0+PyQt5环境搭建 一.Anaconda 创建 python3.7环境 1.进入 C:\Users\用户名 目录下,找到 ...
- Eclipse 3.5 Classic+Tomcat 6.0+MySql 5.5搭建java web开发环境
Eclipse 3.5 Classic+Tomcat 6.0+MySql 5.5搭建java web开发环境 对于初学者来说,如果没有接触过java web开发的话,搭建开发环境将是一个门槛.以前一直 ...
- Spark1.0.0 开发环境高速搭建
在本系列博客中.为了解析一些概念.解析一些架构.代码測试.搭建了一个实验平台.例如以下图所看到的: 本实验平台是在一台物理机上搭建的.物理机的配置是16G内存,4核8线程CPU. 平台的环境配置例如以 ...
最新文章
- R语言dplyr包filter函数通过逻辑条件过滤数据实战
- viewpager 无网络的时候滑动异常
- 大于小于优化_以MySQL为例,详解数据库索引原理及深度优化
- jdbc mysql参数_Mysql JDBC URL中的重要参数有啊些
- Linux内核BPF学习1
- birt脚本for循环_Shell脚本应用 – for、while循环语句
- 在js中的replace方法详解
- node JS 微信开发
- 2.在某应用软件中需要记录业务方法的调用日志,在不修改现有业务类的基础上为每一个类提供一个日志记录代理类,在代理类中输出日志,例如在业务方法 method() 调用之前输出“方法 method() 被
- 架构专家高磊:缓存为王——无线缓存架构优化
- Android传感器模拟器,如何为Android构建传感器模拟器?
- html让ie11不用兼容视图,如何设置ie11浏览器兼容性视图?
- java-ActiveXComponent调用com组件
- 国内量化投资策略的演进方向
- 运维人故障定责甩锅话语指南
- mac 重置 android手机系统,Mac OS X下Android系统华为手机无法连接问题之解决方案
- 如何稳步实现互联网流量变现?
- 什么是物联网网关及其主要特点
- C++基于QT的模仿宝石迷阵游戏源码
- 6.windbg-windbg环境