设置ELK集群账号密码

一、设置ELK集群账号密码

  1. 切换到es用户

  2. 主节点生成证书

    cd /home/es/elasticsearch-7.6.2/bin
    ./elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass "" 
    
  3. 将主节点证书发给其他两个节点

  4. 修改配置文件,启用x-pack:cat /home/es/elasticsearch-7.6.2/config/elasticsearch.yml

    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
    
  5. 三台服务器重启elasticsearch:./elasticsearch -d

  6. 设置密码,可以都设置成一样的:./elasticsearch-setup-passwords interactive -->ffcsict123
    设置ELK集群账号密码_第1张图片

  7. 测试登录:http://192.168.248.10:9200/,账号/密码:elastic/ffcsict123
    设置ELK集群账号密码_第2张图片

  8. 修改kibana配置,末尾添加:vi /home/es/kibana-7.6.2-linux-x86_64/config/kibana.yml

    elasticsearch.username: "elastic"
    elasticsearch.password: "ffcsict123"
    
  9. 修改logstash配置:vi /home/es/logstash-7.6.2/config/logstash.yml

    xpack.monitoring.enabled: true
    xpack.monitoring.elasticsearch.username: elastic
    xpack.monitoring.elasticsearch.password: ffcsict123
    xpack.monitoring.elasticsearch.hosts: ["http://127.0.0.1:9200"]
    
  10. 修改logstash日志配置

    output {
      if [fields][filetype] == "testlog-log" {
       elasticsearch {
        hosts => ["http://192.168.248.10:9200","http://192.168.248.11:9200","http://192.168.248.12:9200"]
        index => "testlog-%{+YYYY.MM.dd}"
        user => "elastic"
        password => "ffcsict123"
       }
      } else if [fields][filetype] == "jar-log"{
       elasticsearch {
        hosts => ["http://192.168.248.10:9200","http://192.168.248.11:9200","http://192.168.248.12:9200"]
        index => "jar-%{+YYYY.MM.dd}"
        user => "elastic"
        password => "ffcsict123"
       }
      }else {
       elasticsearch {
        hosts => ["http://192.168.248.10:9200","http://192.168.248.11:9200","http://192.168.248.12:9200"]
        index => "hdfs-%{+YYYY.MM.dd}"
        user => "elastic"
        password => "ffcsict123"
       }
      }
    }
    
    
  11. 启动logstash:nohup /home/es/logstash-7.6.2/bin/logstash -f /home/es/logstash-7.6.2/config/logstash-sample.conf &

  12. 启动kibana:nohup /home/es/kibana-7.6.2-linux-x86_64/bin/kibana &

  13. 启动filebeat:nohup /home/es/filebeat-7.6.2-linux-x86_64/filebeat -e -c /home/es/filebeat-7.6.2-linux-x86_64/filebeat.yml &

  14. 访问kibana
    设置ELK集群账号密码_第3张图片

  15. 修改logstash的jar-log类型对应的日志路径的日志,然后刷新kibana,如果日志正常显示则说明成功

    filebeat.inputs:
    - type: log
      enabled: true
      paths:
        - /home/es/testlog-log/*.log
      fields:     
        filetype: testlog-log
    - type: log
      enabled: true
      paths:
        - /home/es/jar-log/*.log
      fields:     
        filetype: jar-log
    

设置ELK集群账号密码_第4张图片

二、java api设置账号密码连接

 /**
     * 获取es连接
     *
     * @return
     */
    public static RestHighLevelClient getEsHighInit() {

        // 创建凭据提供程序
        final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        credentialsProvider.setCredentials(AuthScope.ANY,new UsernamePasswordCredentials(esUsername, esPassword));


        RestClientBuilder http = RestClient.builder(new HttpHost(ip, Integer.parseInt(port), "http"))
                .setRequestConfigCallback(new RestClientBuilder.RequestConfigCallback() {
                    @Override
                    public RequestConfig.Builder customizeRequestConfig(RequestConfig.Builder requestConfigBuilder) {
                        requestConfigBuilder.setConnectTimeout(700000);
                        requestConfigBuilder.setSocketTimeout(600000);
                        requestConfigBuilder.setConnectionRequestTimeout(100000);
                        return requestConfigBuilder;
                    }
                }).setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {
                    @Override
                    public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpAsyncClientBuilder) {
                        return httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
                    }
                });;
        return new RestHighLevelClient(http);
    }

你可能感兴趣的:(elk,elasticsearch,java)