Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Elastic + kibana + logstash + redis 对mongodb, nginx日志进行分析 #7

Open
wangming1993 opened this issue Oct 28, 2015 · 0 comments
Open

Elastic + kibana + logstash + redis 对mongodb, nginx日志进行分析 #7

wangming1993 opened this issue Oct 28, 2015 · 0 comments
Labels
linux 系统运维

Comments

@wangming1993
Copy link
Owner

Elastic + kibana + logstash + redis 搭建的日志分析平台

项目分析

mongodb运行时没有将日志文件进行切割,  随着运行时间的增加, mongod.log越来越大, 已经无法进行有效的数据分析了, 因此需要搭建一个日志分析平台, 可以索引每一条记录, 并能够提供方便快速准确的查询接口
网站的每一个访问都会在nginx的日志文件中产生一条记录, 通过kabana可以很好的展现中。

软件需求

1. elasticsearch 版本1.7.3 (tar download)

2. kibana 版本 Kibana 4.1.2 (64-bit tar download) 

3. logstash 版本 Logstash 1.5.4 (tar download)

4. redis 版本 2.8.4

5. mongodb 版本 3.0.6

软件安装

安装 elasicsearch

tar -zxvf elasticsearch-1.7.3.tar.gz  /home/user/elasticsearch-1.7.3
cd /home/user/elasticsearch-1.7.3/bin
./elasticsearch &

访问 http://127.0.0.1:9200
elasticsearch_start

安装 kibana

tar -zxvf kibana-4.1.2-linux-x64.tar.gz  /home/user/kibana-4.1.2-linux-x64
cd /home/user/kibana-4.1.2-linux-x64/bin
./kibana &

访问 http://127.0.0.1:5601/

安装redis

sudo apt-get install redis-server
sudo apt-get install php5-redis

使用 redis-cli -v 查看安装是否成功

安装mongodb

[安装教程

](http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/)

系统架构

struct

配置管理

开启logstash agent

input {
        file {
                type => "mongo access log"
                path => ["/var/log/mongodb/mongod.log"]
        }
  file {
                type => "nginx access log"
                path => ["/var/log/nginx/*.log"]
        } 
}
output {
        redis {
                host => "127.0.0.1" #redis server
                data_type => "list"
                key => "logstash:redis"
        }
}

可以这么理解: logstash 将 /var/log/mongodb/mongod.log 作为输入, 每一次mongod.log文件有改动
都会将新添加的内容输出到 output中(这里我们配置的是redis中, 存储的类型为list)

开启logstash indexer

input {
        redis {
                host => "127.0.01"
                data_type => "list"
                key => "logstash:redis"
                type => "redis-input"
        }
}
output {
        elasticsearch {
                embedded => false
                protocol => "http"
                host => "localhost"
                port => "9200"
        }
}

redis中的内容输出到elasticsearch

开启 mongodb的日志追加模式

开启 verbose = true

操作 mongodb 使产生新的日志, 打开kabana的接口 http://127.0.0.1:5601 即可观察到:

kibana
@wangming1993 wangming1993 changed the title Elastic + kibana + logstash + redis 对mongodb日志进行分析 Elastic + kibana + logstash + redis 对mongodb, nginx日志进行分析 Oct 29, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
linux 系统运维
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wangming1993