winxcoder 2020-02-19
目前大多数中小型企业使用tomcat 服务作为后端服务器,因为tomcat支持java代码。但是每次查看tomcat的日志(catalina.out),不仅庞大,还特别不方便查询,所以应用ELK平台监控tomcat日志是很有必要的。
详细安装过程参考博客: https://blog.51cto.com/13760351/2471799
cd /usr/local/tomcat/bin
sh startup.sh &
vim /root/tomcat.conf
input { file { path => "/usr/local/tomcat/logs/catalina.out" start_position => "beginning" } } filter { date { match => ["timestamp" , "YYYY-MM-dd HH:mm:ss"] } } output { elasticsearch { hosts => ["192.168.0.102:9200"] } stdout { codec => rubydebug } }
/opt/logstash/bin/logstash -f /root/tomcat.conf