ELK自动安装脚本

前端之家收集整理的这篇文章主要介绍了ELK自动安装脚本前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

ELK自动安装脚本

一、简介

ELK由Elasticsearch、Logstash和Kibana三部分组件组成;

Elasticsearch是个开源分布式搜索引擎,它的特点有:分布式,零配置,自动发现,索引自动分片,索引副本机制,restful风格接口,多数据源,自动搜索负载等。

Logstash是一个完全开源的工具,它可以对你的日志进行收集、分析,并将其存储供以后使用

kibana 是一个开源和免费的工具,它可以为 Logstash 和 ElasticSearch 提供的日志分析友好的 Web 界面,可以帮助您汇总、分析和搜索重要数据日志。

二、核心组件

Logstash: logstash server端用来搜集日志;

Elasticsearch: 存储各类日志;

Kibana: web化接口用作查寻和可视化日志;

Filebeat是一个日志文件托运工具,在你的服务器上安装客户端后,filebeat会监控日志目录或者指定的日志文件,追踪读取这些文件(追踪文件的变化,不停的读),并且转发这些信息到elasticsearch或者logstarsh中存放。

三、安装脚本

#!/bin/bash
#mail:xuel@anchnet.com
#data:2017/9/7
#AutoInstallELKscripts
#Software:elasticsearch-5.4.1/logstash-5.4.1/filebeat-5.4.1/kibana-5.4.1
clear
echo"#############################################################################"
echo"#AutoInstallELK.##"
echo"#PressCtrl+Ctocancel##"
echo"#Anykeytocontinue##"
echo"#Softwae:elasticsearch-5.4.1/logstash-5.4.1/filebeat-5.4.1/kibana-5.4.1##"
echo"#############################################################################"
read-p1
software_dir="/usr/local/software"
elasticsearch_url="https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.4.1.tar.gz"
kibana_url="https://artifacts.elastic.co/downloads/kibana/kibana-5.4.1-linux-x86_64.tar.gz"
logstash_url="https://artifacts.elastic.co/downloads/logstash/logstash-5.4.1.tar.gz"
filebeat_url="https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-5.4.1-linux-x86_64.tar.gz"
sys_version=`cat/etc/redhat-release|awk'{print$4}'|cut-d.-f1`
IP=`ipaddr|grep"inet"|grep-v127.0.0.1|awk'{print$2}'|cut-d/-f1`
jvm_conf="/usr/local/elasticsearch/config/jvm.options"
sys_mem=`free-m|grepMem:|awk'{print$2}'|awk'{sum+=$1}END{printsum/1024}'|cut-d.-f1`

#wgetsoftware
wget_fun(){
if[!-d${software_dir}];then
mkdir-p${software_dir}&&cd${software_dir}
else
cd${software_dir}
fi
forsoftwarein$elasticsearch_url$kibana_url$logstash_url$filebeat_url
do
wget-c$software
done
clear
}
#initialsystem:installjavawget;sethostname;disablefirewalld
init_sys(){
[-f/etc/init.d/functions]&&./etc/init.d/functions
["${sys_version}"!="7"]&&echo"Error:ThisScriptsSupportCentos7.xx"&&exit1
[$(id-u)!="0"]&&echo"Error:Youmustberoottorunthisscript"&&exit1
sed-i"s/SELINUX=enforcing/SELINUX=disabled/"/etc/selinux/config
setenforce0
yuminstall-yjava-1.8.0-openjdkwget
hostnamectlset-hostnameelk-server
systemctlstopfirewalld
cat>>/etc/security/limits.conf<<EOF
*softnofile65536
*hardnofile65536
*softnGproc65536
*hardnproc65536
EOF
}

#installelasticsearch
install_elasticsearch(){
cd$software_dir
tarzxfelasticsearch-5.4.1.tar.gz
mvelasticsearch-5.4.1/usr/local/elasticsearch
mkdir-p/usr/local/elasticsearch/data/usr/local/elasticsearch/logs
useraddelasticsearch
chown-Relasticsearch:elasticsearch/usr/local/elasticsearch
echo"vm.max_map_count=655360">>/etc/sysctl.conf&&sysctl-p
if[${sys_mem}-eq0];then
sed-i"s#`grep"^-Xmx"${jvm_conf}`#"-Xmx512m"#g"${jvm_conf}
sed-i"s#`grep"^-Xms"${jvm_conf}`#"-Xms512m"#g"${jvm_conf}
else
sed-i"s#`grep"^-Xmx"${jvm_conf}`#"-Xmx${sys_mem}g"#g"${jvm_conf}
sed-i"s#`grep"^-Xms"${jvm_conf}`#"-Xms${sys_mem}g"#g"${jvm_conf}
fi
cat>>/usr/local/elasticsearch/config/elasticsearch.yml<<EOF
cluster.name:my-application
node.name:elk-server
path.data:/usr/local/elasticsearch/data
path.logs:/usr/local/elasticsearch/logs
network.host:127.0.0.1
http.port:9200
discovery.zen.ping.unicast.hosts:["elk-server"]
EOF
su-elasticsearch-c"nohup/usr/local/elasticsearch/bin/elasticsearch&"
}

#installlogstash
install_logstash(){
cd$software_dir
tar-zxflogstash-5.4.1.tar.gz
mvlogstash-5.4.1/usr/local/logstash
cat>/usr/local/logstash/config/01-syslog.conf<<EOF
input{
beats{
port=>"5044"
}
}
output{
elasticsearch{
hosts=>"127.0.0.1:9200"
}
stdout{codec=>rubydebug}
}
EOF
nohup/usr/local/logstash/bin/logstash-f/usr/local/logstash/config/01-syslog.conf&>/dev/null
}

#installfilebeat
install_filebeat(){
cd$software_dir
tar-zxffilebeat-5.4.1-linux-x86_64.tar.gz
mvfilebeat-5.4.1-linux-x86_64/usr/local/filebeat
cat>/usr/local/filebeat/filebeat.yml<<EOF
filebeat.prospectors:
-input_type:log
paths:
-/var/log/*.log
output.logstash:
hosts:["127.0.0.1:5044"]
EOF
cd/usr/local/filebeat/
nohup/usr/local/filebeat/filebeat&>/dev/null
}

#installkibana
install_kibana(){
cd$software_dir
tar-zxfkibana-5.4.1-linux-x86_64.tar.gz
mvkibana-5.4.1-linux-x86_64/usr/local/kibana
cat>>/usr/local/kibana/config/kibana.yml<<EOF
server.port:5601
server.host:"0.0.0.0"
elasticsearch.url:"http://127.0.0.1:9200"
EOF
nohup/usr/local/kibana/bin/kibana&>/dev/null
}

check(){
port=$1
program=$2
check_port=`netstat-lntup|grep${port}|wc-l`
check_program=`ps-ef|grep${program}|grep-vgrep|wc-l`
if[$check_port-gt0]&&[$check_program-gt0];then
action"${program}runisok!"/bin/true
else
action"${program}runiserror!"/bin/false
fi
}

main(){
init_sys
wget_fun
install_elasticsearch
install_filebeat
install_logstash
install_kibana
echo-e"\033[32mCheckingElasticsearch...\033[0m"
sleep20
check:9200"elasticsearch"
echo-e"\033[32mCheckingLogstash...\033[0m"
sleep2
check":9600""logstash"
echo-e"\033[32mCheckingKibana...\033[0m"
sleep2
check":5601""kibana"
action"ELKinstallissuccess!"/bin/true
echo"url:http://$IP:5601"
}
main

四、脚本安装

wKioL1m1-hni9aOIAAAURuL5zto404.png

安装完成访问:http://IP:5601即可访问

五、配置

通过web界面访问,创建index patterns

wKioL1m1-uuzT6OBAASR1jy8AmM682.png

六、查看日志与dashboard

wKioL1m1-qnRB5BjAAJIziq5TBI863.png

wKioL1m1_hfwXxJFAAIzCIFORxU769.png

原文链接:https://www.f2er.com/bash/390861.html

猜你在找的Bash相关文章