白眉大叔 filebeat 安装 : 连接
7.将数据写入es案例
首先配置一下 /etc/filebeat/filebeat.yml
vim
/etc/filebeat/filebeat.yml修改
# ---------------------------- Elasticsearch Output ----------------------------
output.elasticsearch:
# Array of hosts to connect to.
#hosts: ["localhost:9200"]
hosts: ["http://10.0.0.208:9200"]
不然后边不生效, 不知道为啥
然后
cd /etc/filebeat/config
vim 3outpues.yml
filebeat.inputs:
- type: log
enabled: true
paths:
- /tmp/test.log
- /tmp/*.txt
tags: ["baimeidashuedu-linux80","容器运维","DBA运维","SRE运维工程师"]
fields:
school: "沙河"
class: "大一班80"
output.elasticsearch:
hosts: ["http://10.0.0.208:9200"]
index: "baimeidashuedu-linux-elk-%{+yyyy.MM.dd}"
# 禁用索引生命周期管理
setup.ilm.enabled: false
# 设置索引模板的名称
setup.template.name: "baimeidashuedu-linux"
# 设置索引模板的匹配模式
setup.template.pattern: "baimeidashuedu-linux*"
运行
filebeat -e -c /etc/filebeat/config/3outpues.ym
然后 测试
echo baimeidashu1233 >> /tmp/test.log
去查看es
es 需要设置
GET _cluster/settings?filter_path=*.action.auto_create_index
PUT _cluster/settings
{
"persistent": {
"action.auto_create_index": "true"
}
}
然后再kibana 中查询
欢迎来撩 : 汇总all
