ElasticSearch+Kibana+Packetbeat
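I. Introduction
Packetbeat is a real-time network packet analyzer. It sniffs the traffic between application servers, decodes application-layer protocols such as HTTP, MySQL and Redis, correlates requests with responses, and records the meaningful fields of each transaction.
Kibana is an analytics and visualization platform designed to work with Elasticsearch. You can use Kibana to search, view and interact with data stored in Elasticsearch indices, and its charts, tables and maps make it easy to present advanced data analysis and visualizations.
ElasticSearch is an open-source distributed search engine that is highly reliable and supports a wide range of enterprise search use cases. Like Solr 4, it is built on Lucene. It supports time-based indexing and full-text search.
II. System requirements: a Java environment
III. Installation steps
Install ElasticSearch
1. Download and extract the archive
2. ./bin/elasticsearch
If it is started as root, the following error is reported: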
java.lang.RuntimeException: can not run elasticsearch as root
3. Add an unprivileged user, elsearch
[root@localhost bin]# groupadd elsearch
[root@localhost bin]# useradd elsearch -g elsearch
[root@localhost local]# chown -R elsearch:elsearch elasticsearch-5.3.1/
[root@localhost logs]# su elsearch
[elsearch@localhost logs]$ cd /usr/local/elasticsearch-5.3.1/bin/
[elsearch@localhost bin]$ ./elasticsearch -d
After startup, the following is logged:
[2017-04-29T02:05:37,773][INFO ][o.e.n.Node ] [] initializing ...
[2017-04-29T02:05:38,283][INFO ][o.e.e.NodeEnvironment ] [BdGOiwE] using [1] data paths, mounts [[/ (rootfs)]], net usable_space [12.5gb], net total_space [16.9gb], spins? [unknown], types [rootfs]
[2017-04-29T02:05:38,284][INFO ][o.e.e.NodeEnvironment ] [BdGOiwE] heap size [503.6mb], compressed ordinary object pointers [true]
[2017-04-29T02:05:38,286][INFO ][o.e.n.Node ] node name [BdGOiwE] derived from node ID [BdGOiwEfSXa1393zTZkD5w]; set [node.name] to override
[2017-04-29T02:05:38,286][INFO ][o.e.n.Node ] version[5.3.1], pid[53678], build[5f9cf58/2017-04-17T15:52:53.846Z], OS[Linux/3.10.0-514.el7.x86_64/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/1.8.0_102/25.102-b14]
[2017-04-29T02:05:41,445][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [aggs-matrix-stats]
[2017-04-29T02:05:41,445][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [ingest-common]
[2017-04-29T02:05:41,445][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [lang-expression]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [lang-groovy]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [lang-mustache]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [lang-painless]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [percolator]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [reindex]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [transport-netty3]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] loaded module [transport-netty4]
[2017-04-29T02:05:41,446][INFO ][o.e.p.PluginsService ] [BdGOiwE] no plugins loaded
[2017-04-29T02:05:52,078][INFO ][o.e.n.Node ] initialized
[2017-04-29T02:05:52,094][INFO ][o.e.n.Node ] [BdGOiwE] starting ...
[2017-04-29T02:05:52,830][INFO ][o.e.t.TransportService ] [BdGOiwE] publish_address {127.0.0.1:9300}, bound_addresses {[::1]:9300}, {127.0.0.1:9300}
[2017-04-29T02:05:52,835][WARN ][o.e.b.BootstrapChecks ] [BdGOiwE] max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2017-04-29T02:05:52,835][WARN ][o.e.b.BootstrapChecks ] [BdGOiwE] max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2017-04-29T02:05:56,068][INFO ][o.e.c.s.ClusterService ] [BdGOiwE] new_master {BdGOiwE}{BdGOiwEfSXa1393zTZkD5w}{SEihKgNKTqe1bHDo316wlw}{127.0.0.1}{127.0.0.1:9300}, reason: zen-disco-elected-as-master ([0] nodes joined)
[2017-04-29T02:05:56,177][INFO ][o.e.g.GatewayService ] [BdGOiwE] recovered [0] indices into cluster_state
[2017-04-29T02:05:56,188][INFO ][o.e.h.n.Netty4HttpServerTransport] [BdGOiwE] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}
[2017-04-29T02:05:56,190][INFO ][o.e.n.Node ] [BdGOiwE] started
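Startup failures have many possible fixes; search Google for the specific error. They are not covered here.
Open http://ip:9200/ in a browser to view the node's response.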
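An added example, not part of the original post: a Python script that reads a startup log in the format shown above and reports the bootstrap-check warnings together with any HTTP or transport listener bound to a non-loopback address. Elasticsearch 5.x without X-Pack security serves port 9200 without authentication, so such a bind is worth flagging; the function names are this example's own and the sample lines are taken from the log above.

```python
import ipaddress
import re

# Sample input: four lines taken from the startup log shown above.
SAMPLE_LOG = """\
[2017-04-29T02:05:52,830][INFO ][o.e.t.TransportService ] [BdGOiwE] publish_address {127.0.0.1:9300}, bound_addresses {[::1]:9300}, {127.0.0.1:9300}
[2017-04-29T02:05:52,835][WARN ][o.e.b.BootstrapChecks ] [BdGOiwE] max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2017-04-29T02:05:52,835][WARN ][o.e.b.BootstrapChecks ] [BdGOiwE] max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2017-04-29T02:05:56,188][INFO ][o.e.h.n.Netty4HttpServerTransport] [BdGOiwE] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}
"""

# [timestamp][LEVEL][logger] [node] message  (the [node] field may be absent)
LINE = re.compile(r"^\[[^\]]+\]\[(?P<level>\w+)\s*\]\[(?P<logger>[^\]]+?)\s*\]\s*"
                  r"(?:\[[^\]]*\]\s*)?(?P<msg>.*)$")
BOOTSTRAP = re.compile(r"^(?P<what>.+?) \[(?P<cur>\d+)\].*at least \[(?P<need>\d+)\]")
LISTENER = re.compile(r"\{(\[[0-9A-Fa-f:.]+\]|[^:{}\[\]]+):(\d+)\}")


def is_loopback(host):
    """True for 127.0.0.0/8 and ::1; anything else is treated as reachable."""
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False  # hostname or unparsable value: report it


def audit(log_text):
    """Collect bootstrap-check warnings and non-loopback listeners from a log."""
    report = {"bootstrap": [], "exposed": []}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        msg = m.group("msg")
        if m.group("logger").endswith("BootstrapChecks"):
            # Warnings on a loopback-only node; 5.x enforces them as startup
            # errors once the node binds to a non-loopback address.
            b = BOOTSTRAP.match(msg)
            if b:
                report["bootstrap"].append(
                    (b.group("what"), int(b.group("cur")), int(b.group("need"))))
        elif "bound_addresses" in msg:
            listeners = LISTENER.findall(msg.split("bound_addresses", 1)[1])
            report["exposed"] += [f"{h}:{p}" for h, p in listeners if not is_loopback(h)]
    return report


if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```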
Install Kibana
1. Download and extract the archive
2. ./bin/kibana
3. Open http://localhost:5601 in a browser
If the page does not open, see https://segmentfault.com/q/1010000007488864
Install Packetbeat
1. Download and extract the archive
2. Load the Packetbeat index template
[root@localhost packetbeat-5.3.1-linux-x86_64]# curl -H 'Content-Type: application/json' -XPUT 'http://localhost:9200/_template/packetbeat' -d@packetbeat.template.json
{"acknowledged":true}
3. Import the sample Kibana dashboards
[root@localhost scripts]# ./import_dashboards -es http://localhost:9200
Create temporary directory /tmp/tmp244734216
Downloading https://artifacts.elastic.co/downloads/beats/beats-dashboards/beats-dashboards-5.3.1.zip
Unzip archive /tmp/tmp244734216
Importing Kibana from /tmp/tmp244734216/beats-dashboards-5.3.1/filebeat
Importing Kibana from /tmp/tmp244734216/beats-dashboards-5.3.1/heartbeat
Importing Kibana from /tmp/tmp244734216/beats-dashboards-5.3.1/metricbeat
......
4. Test
[root@localhost packetbeat-5.3.1-linux-x86_64]# curl -XGET 'http://localhost:9200/packetbeat-*/_search?pretty'
{
  "took" : 106,
  "timed_out" : false,
  "_shards" : {
    "total" : 5,
    "successful" : 5,
    "failed" : 0
  },
  "hits" : {
    "total" : 2576,
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "packetbeat-2017.04.29",
        "_type" : "flow",
        "_id" : "AVu135SZFyYD-AeZcX68",
        "_score" : 1.0,
        "_source" : {
          "@timestamp" : "2017-04-28T18:43:00.016Z",
          "beat" : {
            "hostname" : "localhost.localdomain",
            "name" : "localhost.localdomain",
            "version" : "5.3.1"
......