《Elastic Stack 实战手册》——三、产品能力——3.4.入门篇——3.4.1.Elastic Stack 安装部署——3.4.1.4.安装Logstash(本地及Docker)(中) https://developer.aliyun.com/article/1231372
查看收集到Elasticsearch索引的数据:
> curl http://localhost:9200/_cat/indices
默认 Logstash 生成以 Logstash 开头带有日期的索引:
green open logstash-2021.04.09-000001 3UhrpKMlRRCsJ7e5BRzHpA 1 1 0 0 208b 208b
查看索引中的数据:
> curl -XPOST 'http://localhost:9200/logstash-2021.04.09-000001/_search' -H 'Content-Type: application/json' -d '{"query":{"match_all":{}}}'
返回如下结果;
{ "took": 1, "timed_out": false, "hits": { "hits": [ { "_index": "logstash-2021.04.09-000001", "_type": "_doc", "_id": "aTL3UHkBSh9MyZ_E_yVB", "_score": 1.0, "_source": { "host": "elastichost", "path": "/data/logs/springboot.log", "message": "2021-04-09 17:58:47.172 INFO 23556 --- [ restartedMain] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Start completed3.", "@version": "1", "tags": [ "_grokparsefailure" ], "@timestamp": "2021-04-09T11:51:40.390Z" } } ] } }
Docker方式安装
拉取镜像
docker pull docker.elastic.co/logstash/logstash:7.10.0
Docker 模式运行 Logstash
# 1.参考tar包中logstah/config文件夹下所有配置拷贝一份放在宿主机 /usr/share/logstash/config/ # 2.修改pipeline.yml,增加以下配置 pipeline.id: main path.config: /usr/share/logstash/config/log4j2es.conf # -v挂载Logstash的配置/usr/share/logstash/config/到docker的路径~/settings/中 docker run --rm -it -v ~/settings/:/usr/share/logstash/config/ docker.elastic.co/logstash/logstash:7.10.0
创作人简介:
冯江涛,关注大数据相关技术栈,擅长 HDFS、Elasticsearch 存储相关,Spark、Flink 计算相关,以及大数据中台的开发。 Talk is cheap. Show me the code.
