ELK
运行
sh
docker pull elasticsearch:7.8.0
docker pull kibana:7.8.0
docker pull logstash:7.8.0
安装 elasticsearch
sh
docker run --name elasticsearch --restart=always -v /server/elasticsearch/data:/usr/share/elasticsearch/data -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -d elasticsearch:7.8.0
安装 Kibana
sh
docker run --name kibana --restart=always --link elasticsearch:elasticsearch -p 5601:5601 -d kibana:7.8.0
logstash
配置数据收集Pipline
yml
input {
tcp {
port => 5044
codec => json
}
}
output {
elasticsearch {
hosts => ["elasticsearch:9200"]
index => "log_collection_%{+YYYY.MM}"
document_type => "logs"
}
}
安装 logstash
sh
docker run --rm -it -v /server/logs:/usr/share/logstash/logs/ logstash:7.8.0