Elasticsearch Filebeat

I'm new to Elasticsearch and I'm trying to integrate ES in our infrastructure. I installed one central ES server (6.0) with Elasticsearch, Kibana ...

The first task I wanted to do is sending Apache logfiles from other servers into this ES server.

From the description of Filebeat it seems this module is doing exactly the things I want (lightweight shipping of logfiles to ES server):

https://www.elastic.co/downloads/beats/filebeat

I installed Filebeat from the RPM to our server. But it seems not to run because of missing plugins (GeoIP, UA). I tried to install these but there is no executable "elasticsearch-plugin" available.

Do I have to install the whole ES package on every server I want to send logfiles to our ES server?

Or is there another way to send logfiles to the ES server and process fields like IP and UA on the server side?

It's not the only approach, but this is generally the best way to get started.

You're nearly there: The elasticsearch-plugin is located in /usr/share/elasticsearch/bin/. You will need to install the GeoIP and UA plugins on every Elasticsearch node. Once that's done you should be able to use the Apache module in Filebeat.
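The step described in the answer, as an added example that is not part of the original post: a script to run on each Elasticsearch node that installs whichever of the two ingest plugins is missing. The plugin names `ingest-geoip` and `ingest-user-agent` are assumed to be the names for the 6.0 release; the function names are hypothetical.

```bash
#!/bin/sh
# Run on every Elasticsearch node, not on the hosts that only ship logs with Filebeat.
ES_PLUGIN=/usr/share/elasticsearch/bin/elasticsearch-plugin  # path given in the answer
REQUIRED="ingest-geoip ingest-user-agent"  # assumed: plugin names for ES 6.0

# Print the required plugins that are absent from the text in $1,
# which is the output of `elasticsearch-plugin list` (one plugin name per line).
missing_plugins() {
    installed=$1
    missing=""
    for p in $REQUIRED; do
        # -x: whole-line match, so a longer name never satisfies a shorter one
        printf '%s\n' "$installed" | grep -qxF "$p" || missing="$missing $p"
    done
    echo $missing  # unquoted on purpose: collapses the leading space
}

# Install whatever is missing. --batch answers the plugin-permission prompt
# automatically, so review the requested permissions beforehand.
install_missing() {
    for p in $(missing_plugins "$("$ES_PLUGIN" list)"); do
        "$ES_PLUGIN" install --batch "$p" || return 1
    done
}

if [ -x "$ES_PLUGIN" ]; then
    # Plugins are loaded at startup, so restart the node after a successful install.
    install_missing && echo "done; restart Elasticsearch on this node"
else
    echo "no elasticsearch-plugin at $ES_PLUGIN: not an ES node, nothing to install here"
fi
```

The servers that only run Filebeat need no Elasticsearch package; the GeoIP and user-agent enrichment happens on the Elasticsearch side.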
