如何显示多个服务器彼此分开登录kibana
[英]How to show mulitple servers logs in kibana separatly from each other
问题描述
I have installed ELK on my Ubuntu server and install filebeat on remote server-A and server-B.
我已经在我的 Ubuntu 服务器上安装了 ELK,并在远程服务器 A 和服务器 B 上安装了 filebeat。 I have configured Log-stash to receive data from filebeat and forward them to Elasticsearch.我已将 Log-stash 配置为从 filebeat 接收数据并将它们转发到 Elasticsearch。 Both servers logs are showing in Kibana-->obeverability-->Logs.两台服务器日志都显示在 Kibana-->obeverability-->Logs 中。
The issue is both servers logs are got mixed and its hard to me find specific server log.问题是两个服务器日志都混合在一起,我很难找到特定的服务器日志。 If i add more than 3 or 4 server for logs monitoring so it would i be much hard to identify or search the specific server logs.如果我添加超过 3 或 4 个服务器用于日志监控,那么我将很难识别或搜索特定的服务器日志。 Is there any way to configure each server log separately from each server in kibana so that i would be easy to find specific server log.有什么方法可以将每个服务器日志与 kibana 中的每个服务器分开配置,以便我可以轻松找到特定的服务器日志。
Experts looking forward from hearing you.专家期待您的聆听。
1 个解决方案
解决方案1
0 2021-02-06 17:12:03
You can use filters in the search bar to look for separate hosts.您可以使用搜索栏中的过滤器来查找单独的主机。
Use a query like > beat.hostname: abc and it will filter the log stream for just the hostname "abc"使用类似 > beat.hostname: abc 的查询,它将过滤日志 stream 以获取主机名“abc”
Tip: You can also add this hostname as a column in the log stream so that you can differentiate which log is coming from which host without even applying the filter as mentioned above.提示:您还可以将此主机名作为列添加到日志 stream 中,以便您无需应用上述过滤器即可区分哪个日志来自哪个主机。
- GOTO Logs>>settings and find log columns options.转到日志>>设置并找到日志列选项。
- Here you can add multiple fields to be shown in the log stream.在这里您可以添加多个字段以显示在日志 stream 中。 Timestamp and message should be already there by default.默认情况下,时间戳和消息应该已经存在。
- Add "beat.hostname" as a column.添加“beat.hostname”作为列。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.