elk系列教程:docker中安装配置elk

思考的稻草人 2019-11-04

elasticSearch

Docker安装elasticsearch:

docker pull docker.io/elasticsearch:7.2.0

启动:

docker run -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" --name es -d docker.io/elasticsearch:7.2.0

logstash

Docker安装logstash

docker pull docker.io/logstash:7.2.0

配置:

运行容器:

docker run --name logstash -d -p 5044:5044 -p 9600:9600 logstash:7.2.0

创建配置文件目录,设置权限:

mkdir -p /home/elk/logstash/config && \
chown -R 1000 /home/elk/logstash

拷贝配置文件:

docker cp logstash:/usr/share/logstash/config /home/elk/logstash/config

删除容器:

docker rm -f logstash

重新运行容器:

docker run --name logstash -d \
-p 5044:5044 \
-p 9600:9600 \
-v /home/elk/logstash/config:/usr/share/logstash/config \
-v /home/elk/logstash/jars/mysql-connector-java-5.1.47.jar:/usr/share/logstash/logstash-core/lib/jars/mysql-connector-java-5.1.47.jar \
-e xpack.monitoring.elasticsearch.hosts=http://192.168.52.131:9200 \
logstash:7.2.0 \
-f /usr/share/logstash/config/logstash-sample.conf

logstash-sample.conf配置:

input {
  jdbc {
    jdbc_driver_library => "mysql-connector-java-5.1.47.jar"
    jdbc_driver_class => "com.mysql.jdbc.Driver"
    jdbc_connection_string => "jdbc:mysql://127.0.0.1:3306/sms_db"
    jdbc_user => "root"
    jdbc_password => "x5"
    schedule => "* * * * *"
    jdbc_default_timezone => "Asia/Shanghai"
    statement => "select * from sms_sendsms"
    use_column_value  => false
  }
}
output{
    elasticsearch{
        hosts => "192.168.44.129:9200" # ES连接
        index => "uum_user_log"      # ES索引名称
        document_id => "%{id}"   # id对应ORACLE中主键字段
    }
}

注:驱动程序这里我搞了好久都没有搞定,后面看到官方的github里面有人提问说将jar放到logstash容器里面的/usr/share/logstash/logstash-core/lib/jars文件夹中,好像logstash默认就是读取jars文件夹中的驱动,所以jdbc_driver_library 这个位置直接写驱动名称就行了,所以猜想启动语句中,不包含第二条挂载语句的话,jdbc_driver_library => " ../../../config/ mysql-connector-java-5.1.47.jar"是否可以这种挂载文件,本人未作校验。

kibana

Docker安装kibana

docker pull docker.io/kibana:7.2.0

配置:

docker run --name kibana -d \ -p 5601:5601 \ -e ELASTICSEARCH_HOSTS=http://192.168.52.131:9200 \ -v /home/elk/kibana/plugins:/usr/share/kibana/plugins:rw \ kibana:7.2.0

原文地址:https://www.35youth.cn/671.html

来源:三无青年博客
原文:http://www.35youth.cn/671.html

相关推荐