__都非拉得的博客

  1. Home
  2. CentOS7 搭建ELK

Posted on 13 Jan 2021

CentOS7 搭建ELK

Kibana

  1. 下载Kibana 
    $ wget https://artifacts.elastic.co/downloads/kibana/kibana-6.2.3-linux-x86_64.tar.gz
  2. 解压缩 
    $ tar -xvf kibana-6.2.3-linux-x86_64.tar.gz /data/server
  3. 配置 
    $ vi /data/server/kibana-6.2.3-linux-x86_64/config/kibana.yml
server.port: 5601
server.host: "192.168.199.181"
elasticsearch.url: "http://192.168.199.181:9200"
pid.file: /var/run/kibana.pid
  4. 运行 
    $ /data/server/kibana-6.2.3-linux-x86_64/bin/kibana
// 在后台不输出日志的方式运行:
nohup /data/server/kibana-6.2.3-linux-x86_64/bin/kibana > /dev/null 2>&1 &
  5. 检查运行是否成功 
    http://192.168.199.181:5601

Elasticsearch

  1. 下载Elasticsearch 
    $ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.3.tar.gz
  2. 解压缩 
    $ tar -xvf elasticsearch-6.2.3.tar.gz /data/server
  3. 配置 
    $ vi /data/server/elasticsearch-6.2.3/config/elasticsearch.yml
cluster.name: my-application
node.name: node-1
path.data: /data/server/elasticsearch-6.2.3/data
path.logs: /data/logs/elasticsearch
network.host: 192.168.199.181
http.port: 9200
  4. 创建用户以及用户组并更改elasticsearch安装目录权限 
    $ groupadd elsearch
$ useradd elsearch -g elsearch -p elasticsearch
$ chown elsearch.elsearch -R /data/server/elasticsearch-6.2.3
  5. 优化参数 
    $ echo "vm.max_map_count=262144" >> /etc/sysctl.conf
$ sysctl -p
vm.max_map_count = 262144
$ vi /etc/security/limits.conf
*       soft    nofile  65536
*       hard    nofile  65536
  6. 启动 
    $ /data/server/elasticsearch-6.2.3/bin/elasticsearch
# 后台运行
$ /data/server/elasticsearch-6.2.3/bin/elasticsearch -d

Filebeat