1-1-3 Logstash部署

### 基础环境部署 #### 阿里YUM源配置（略） #### 全局JDK 1.8部署 ```shell yum install java-1.8.131 ``` #### 部署logstash ```shell rpm -ivh /opt/logstash-5.5.2.rpm #logstash家目录 /usr/share/logstash/ ``` ### 测试logstash #### 输出到当前窗口（不推荐） ```shell /usr/share/logstash/bin/logstash -e 'input {stdin {}} output {stdout{ }}' ... 13:46:31.584 [Api Webserver] INFO logstash.agent - Successfully started Logstash API endpoint {:port=>9600} ``` 输入信息，logstash会增加时间戳后输出 ```shell ding 2017-08-29T05:46:35.339Z web-log.prod.ding ding ``` >备注：时间戳不是东八区，浏览器会自动转换 #### 输出到文件并压缩 ```shell /usr/share/logstash/bin/logstash -e 'input {stdin {}} output {file{path => "/tmp/logstash-test-%{+YYYY.MM.dd}.log.tar.gz" gzip => true}}' ``` 输入后查看/tmp下的文件 #### 输出到Elasticsearch ```shell /usr/share/logstash/bin/logstash -e 'input {stdin {}} output {elasticsearch{hosts=>["192.168.0.231:9200"] index => "logstash-test-%{+YYYY.MM.dd}"}}' ``` 输入后查看Elasticsearch > ##### 备注：括号位置，双引号位置，容易出错，还需要熟悉logstash的语法