在Elasticsearch中解析日志时FileBeat有什么用
[英]What is the use of FileBeat while parsing logs in Elasticsearch
问题描述
我没有理解为什么在有logstash时为什么需要文件拍的概念。
2 个解决方案
解决方案1
0 已采纳 2018-10-26 19:28:09
With filebeat you are able to collect and forward logfiles from one or many remote servers. 
使用filebeat,您可以从一台或多台远程服务器收集和转发日志文件。 There is also a option to add source specific fields to your log entries. 还有一个选项可以将特定于源的字段添加到您的日志条目中。
You have several output options like elasticsearch or logstash for further analysis/filtering/modification. 您有几个输出选项,例如elasticsearch或logstash,以进行进一步的分析/过滤/修改。
Just imagine 20 or 200 machines running services like databases, webservers, hosting applications and containers. 试想一下,有20或200台运行诸如数据库,Web服务器,托管应用程序和容器之类的服务的机器。 And now you need to collect all the logs... 现在您需要收集所有日志...
only with logstash you'll be pretty limited in this scenario 仅使用logstash在这种情况下,您将受到很大限制
解决方案2
0 2018-10-26 23:44:33
Beats are light-weight agents used primarily for forwarding events from multiple sources. Beats是轻量级代理,主要用于转发来自多个源的事件。 Beats have a small footprint and use fewer system resources than Logstash. 与Logstash相比,Beats占用空间小,使用的系统资源更少。
Logstash has a larger footprint, but provides a broad array of input, filter, and output plugins for collecting, enriching, and transforming data from a variety of sources. Logstash具有较大的占用空间,但提供了广泛的输入,过滤器和输出插件,用于收集,充实和转换来自各种来源的数据。
Please note though that filebeat is also capable of parsing for most use cases using Ingest Node as described here . 请注意,虽然这filebeat也能够解析为使用摄取节点所描述的大多数用例这里 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.