1-1-3 Logstash部署
最后更新于:2022-04-02 07:41:41
### 基础环境部署
#### 阿里YUM源配置(略)
#### 全局JDK 1.8部署
```shell
yum install java-1.8.131
```
#### 部署logstash
```shell
rpm -ivh /opt/logstash-5.5.2.rpm
#logstash家目录
/usr/share/logstash/
```
### 测试logstash
#### 输出到当前窗口(不推荐)
```shell
/usr/share/logstash/bin/logstash -e 'input {stdin {}} output {stdout{ }}'
...
13:46:31.584 [Api Webserver] INFO logstash.agent - Successfully started Logstash API endpoint {:port=>9600}
```
输入信息,logstash会增加时间戳后输出
```shell
ding
2017-08-29T05:46:35.339Z web-log.prod.ding ding
```
>备注:时间戳不是东八区,浏览器会自动转换
#### 输出到文件并压缩
```shell
/usr/share/logstash/bin/logstash -e 'input {stdin {}} output {file{path => "/tmp/logstash-test-%{+YYYY.MM.dd}.log.tar.gz" gzip => true}}'
```
输入后查看/tmp下的文件
#### 输出到Elasticsearch
```shell
/usr/share/logstash/bin/logstash -e 'input {stdin {}} output {elasticsearch{hosts=>["192.168.0.231:9200"] index => "logstash-test-%{+YYYY.MM.dd}"}}'
```
输入后查看Elasticsearch
> ##### 备注:括号位置,双引号位置,容易出错,还需要熟悉logstash的语法
';