1.elasticsearch的 搭建
3.
* soft nproc 65536
* hard nproc 65536
* soft nofile 65536
* hard nofile 65536
创建运行ELK的用户,elasticsearch 不能在root 用户下直接启动所以创建 elk 用户 作为启动 elasticsearch的用户
4.
[root@localhost local]# groupadd elk
[root@localhost local]# useradd -g elk elk
vi /etc/sysctl.conf
#增加以下参数
vm.max_map_count=655360
创建ELK运行目录
[root@localhost local]# mkdir /elk
[root@localhost local]# chown -R elk:elk /elk
修改elasticserach 中conf 下的文件 elasticserach.yml 文件 注意格式
5.
cluster.name: Tepusoft #节点名称
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: elk-1 ##节点名称
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /elk/es-data
#
# Path to log files:
#
path.logs: /elk/es-logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 192.168.5.132
#
# Set a custom port for HTTP:
#
http.port: 9200
http.cors.enabled: true #此处必须开启
http.cors.allow-origin: "*" #此处必须开启 否则elasticsearch-head 插件无法调用 运行
#
设置开机启动的脚本
1.安装logstash
1.安装Kinaba