Logstash介绍:
概述
Logstash 是 Elastic Stack 的中央数据流引擎,用于收集、丰富和统一所有数据,而不管格式或模式。当与Elasticsearch,Kibana,及 Beats 共同使用的时候便会拥有特别强大的实时处理能力。在这段视频中,Elastic 技术布道师曾勇将会对如何开始 Logstash 进行了概述和演示。
Logstash 是免费且开放的服务器端数据处理管道,能够从多个来源采集数据,转换数据,然后将数据发送到您最喜欢的“存储库”中。
Logstash 能够动态地采集、转换和传输数据,不受格式或复杂度的影响。利用 Grok 从非结构化数据中派生出结构,从 IP 地址解码出地理坐标,匿名化或排除敏感字段,并简化整体处理过程。Logstash主要由三部分组成:
- input:从一个或多个数据源获取数据,常用插件如file、syslog、redis、beats等。
- filter:用来数据过滤、格式转换等,常见插件如grok、mute、drop、geoip等
- output:数据输出,常用插件如elastcisearch、file、statsd等
Logstash下载:
提示:因为是使用Ruby写的,所以需要先安装JAVA JDK,这里不细说怎么安装JDK
建议kibana、es、logstash的版本一致否则会出现兼容性问题
-
历史版本下载地址
-
官网最新版下载地址
Logstash安装:
解压压缩包即可非常简单文章来源:https://www.toymoban.com/news/detail-441537.html
$ tar -zxvf logstash-7.10.2-darwin-x86_64.tar.gz
vim logstash-sample.conf
# Sample Logstash configuration for creating a simple
# Beats -> Logstash -> Elasticsearch pipeline.
input {
beats {
port => 5044
}
}
output {
elasticsearch {
hosts => ["http://localhost:9200"]
index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
#user => "elastic"
#password => "changeme"
}
}
Logstash启动:
提示:这里 -e 指的是启动通过命令行进行配置文章来源地址https://www.toymoban.com/news/detail-441537.html
$ logstash -e 'input { stdin {} } output { stdout {} }'
Using JAVA_HOME defined java: /Library/Java/JavaVirtualMachines/jdk1.8.0_291.jdk/Contents/Home
WARNING, using JAVA_HOME while Logstash distribution comes with a bundled JDK
Sending Logstash logs to /Users/xiaojialiang/module/logstash-7.10.2/logs which is now configured via log4j2.properties
[2022-07-18T19:24:33,639][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"7.10.2", "jruby.version"=>"jruby 9.2.13.0 (2.5.7) 2020-08-03 9a89c94bcc Java HotSpot(TM) 64-Bit Server VM 25.291-b10 on 1.8.0_291-b10 +indy +jit [darwin-x86_64]"}
[2022-07-18T19:24:33,934][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2022-07-18T19:24:35,409][INFO ][org.reflections.Reflections] Reflections took 55 ms to scan 1 urls, producing 23 keys and 47 values
[2022-07-18T19:24:36,585][INFO ][logstash.javapipeline ][main] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>8, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>1000, "pipeline.sources"=>["config string"], :thread=>"#<Thread:0x74a21a6f run>"}
[2022-07-18T19:24:37,477][INFO ][logstash.javapipeline ][main] Pipeline Java execution initialization time {"seconds"=>0.88}
[2022-07-18T19:24:37,520][INFO ][logstash.javapipeline ][main] Pipeline started {"pipeline.id"=>"main"}
The stdin plugin is now waiting for input:
[2022-07-18T19:24:37,598][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2022-07-18T19:24:37,970][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
{
"message" => "",
"@version" => "1",
"@timestamp" => 2022-07-18T11:24:37.582Z,
"host" => "xiaoDe-MacBook-Pro.local"
}
到了这里,关于【笔记】Logstash环境搭建和安装配置的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
![[ 环境搭建篇 ] 安装 java 环境并配置环境变量(附 JDK1.8 安装包)](https://imgs.yssmx.com/Uploads/2024/02/520717-1.png)
![[ 环境搭建篇 ] Windows 安装 go 环境并配置环境变量(附go.1.20.2安装包)](https://imgs.yssmx.com/Uploads/2024/02/486706-1.png)
