ELK6.2最简化部署

ELK服务器

操作系统版本：centos7.5

IP地址：192.168.23.142

一、安装jdk1.8

下载地址

http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html

rpm -ivh /tmp/jdk-8u172-linux-x64.rpm

java -version

二、安装elasticsearch

groupadd elasticsearch

useradd elasticsearch -g elasticsearch

cd /opt/

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.tar.gz

tar -zxvf elasticsearch-6.2.4.tar.gz

chown -R elasticsearch.elasticsearch /opt/elasticsearch-6.2.4

启动elasticsearch

su elasticsearch

cd /opt/elasticsearch-6.2.4

bin/elasticsearch -d

curl -XGET '127.0.0.1:9200'

三、安装logstash

cd /opt/

wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.4.tar.gz

tar -zxvf logstash-6.2.4.tar.gz

vim /opt/logstash-6.2.4/default.conf

input {
    beats {
        port => "5044"
    }
}
filter {
    grok {
        match => { "message" => "%{COMBINEDAPACHELOG}" }
    }
    geoip {
        source => "clientip"
    }
}
output {
    elasticsearch {
        hosts => ["127.0.0.1:9200"]
    }
}

启动logstash

cd /opt/logstash-6.2.4

nohup bin/logstash -f default.conf --config.reload.automatic &

四、安装kibana

cd /opt/

wget https://artifacts.elastic.co/downloads/kibana/kibana-6.2.4-linux-x86_64.tar.gz

tar -zxvf kibana-6.2.4-linux-x86_64.tar.gz

vim /opt/kibana-6.2.4-linux-x86_64/config/kibana.yml

修改为

启动kibana

cd /opt/kibana-6.2.4-linux-x86_64/

nohup bin/kibana &

五、http://192.168.23.142:5601/

稍等服务启动完毕，时间视ELK服务器配置有长有短。

然后用浏览器打开http://192.168.23.142:5601/

至此，ELK部署完毕。