ELK使用redis做中間鍵，減少整個elk的壓力

原創

yunson_Liu

2020-06-28 12:02

1、安裝redis，安裝部署過程這裏不介紹（這裏redis的ip爲192.168.0.197，端口爲6379）

2、配置logstash的收集數並導入redis的配置文件和從redis中獲取數據導入elasticsearch的兩個配置文件

1、配置導入redis數據的配置文件，並啓動logstash服務

input {
      file{
        path => "/var/log/messages"             #指定要收集的日誌文件
  type => "system"  #指定類型爲system，可以自定義，type值和output{ } 中的type對應即可
        start_position => "beginning"       #從開始處收集
        }
      file{
        path => "/home/otc/otc-web/logs/gxzx-otc-web.log"
        type => "otc"
        start_position => "beginning"
         }
       file{ 
        path => "/home/deploy/financial-management/logs/gxzx-fin-web.log"
        type => "financial"
        start_position => "beginning"
          }
       file{
        path => "/home/deploy/activity_service/logs/gxzx-act-web.log"
        type => "act"
        start_position => "beginning"
       }     
       file{
        path => "/home/deploy/mining/logs/gxzx-min-web.log"
        type => "mining"
        start_position => "beginning"
}     
       }
output {
        if [type] == "system" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_system'
             }
        }
        if [type] == "otc" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_otc'
             }
        }
        if [type] == "financial" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_financial'
             }
        }
        if [type] == "act" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_act'
             }
        }
        if [type] == "mining" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_mining'
             }
        }
}

啓動服務：

在源碼安裝的logstash的bin目錄下執行，後面還要加一路徑，默認是當前執行這的家目錄下
 ./logstash -f input_redis.conf &

2、配置從redis導出數據的配置文件

input {
        beats {
            port => 5045
        }
        if [type] == "system" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_system'
        }
        }
        if [type] == "otc" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_otc'
             }
        }
        if [type] == "financial" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_financial'
             }
        }
        if [type] == "act" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_act'
             }
        }
        if [type] == "mining" {
             redis {
                 host => "192.168.0.197"
                 password => '901Bcpct'
                 port => "6379"
                 db => "3"
                 data_type => "list"
                 key => 'logs_mining'
             }
        }
}


output {
        if [type] == "system" {           #如果type爲system，
           elasticsearch {                  #就輸出到Elasticsearch服務器
             hosts => ["192.168.0.117:9200"]               #Elasticsearch監聽地址及端口
             index => "system-%{+YYYY.MM.dd}"           #指定索引格式
                }
             }
        if [type] == "otc" {
  elasticsearch {
             hosts => ["192.168.0.117:9200"]
             index => "nginx_otc-%{+YYYY.MM.dd}"
               }
             } 
        if [type] == "financial" {
          elasticsearch {
             hosts => ["192.168.0.117:9200"]
             index => "nginx_financial-%{+YYYY.MM.dd}"
             }
          }  
        if [type] == "act" {
          elasticsearch {
             hosts => ["192.168.0.117:9200"]
             index => "act_log-%{+YYYY.MM.dd}"
             }
          }  
        if [type] == "mining" {
          elasticsearch {
             hosts => ["192.168.0.117:9200"]
             index => "mining_log-%{+YYYY.MM.dd}"
             }
          }  
        }

同樣啓動服務

./logstash -f output_redis.conf --path.data=/home/elk/ &
此時我將路徑改成了另一個路徑了

此時我們就可以在redis上看到我們剛剛加的key和值

此時我們的redis就加入到我們的elk當中

發表評論

所有評論

還沒有人評論，想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.

ELK使用redis做中間鍵，減少整個elk的壓力

HTML頁面關於高分屏的設置

北歐瑞典挪威芬蘭瑞士TikTok海外網紅與YouTube博主的合作模式

druid數據源 xml配置

nginx配置四層端口轉發mysql登錄

Ubuntu EOS2.0.6幣服務安裝

ELK使用redis做中間鍵，減少整個elk的壓力

upstream timed out (110: Connection timed out) while reading response header from upstream, client:

Centos和ubuntu 瑞波幣,xrp 節點搭建

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結