当前位置:网站首页>ELK deployment script---pro test available
ELK deployment script---pro test available
2022-07-31 00:23:00 【IT rat】
环境:centos7.9 && 网络通畅
注意事项:Some extensions require a connectiongithub网站,你懂的,Some plugins may fail to install,Can be skipped during script execution,Install it when the network is good.The operation method is given after the text.
架构:两台elasticsearch(Corresponding to two node scripts respectively);一台logstash,Corresponds to the machine added to log management.
废话少说,直接上脚本:
elasticsearch-node1脚本:(While the script is running, you will be prompted to enter some information such as IP,Log file path and log file type, etc)
#!/bin/bash
#function:ELK-YUM-node1
#author:tommypeng 20220729
#####root判断#####
if
[ "$USER" != "root" ]
then
echo "错误:非root用户,权限不足!"
exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
##############网络测试##############
ping -c 3 www.baidu.com
if
[ $? = 0 ]
then
echo "外网通讯良好!"
else
echo "丫的你在逗我吗?网都没有安装个毛线!"
exit 1
fi
##############yum源配置################
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=http://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOG
sleep 5
###############jdk###############
yum install java -y
############elasticsearch#################
yum install elasticsearch -y
if [ $? -eq 0 ];then
echo -e "\n\033[32m-----------------------------------------------\033[0m"
echo -e "\033[32melasticsearch安装成功 !\033[0m"
else
echo -e "\033[32mmelasticsearch安装失败,即将退出 !"
exit 0
fi
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak && rm -rf /etc/elasticsearch/elasticsearch.yml
read -p "Please enter anotherES节点的IP" KIP
cat >> /etc/elasticsearch/elasticsearch.yml << EOG
cluster.name: test
node.name: test-1
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service
if [ $? -eq 0 ];then
echo -e "\n\033[32m-----------------------------------------------\033[0m"
echo -e "\033[32melasticsearch启动成功 !\033[0m"
else
echo -e "\033[32mmelasticsearch启动失败,继续安装,Please start it manually after the script has finished running !"
fi
##############head##########
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
##/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
IP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}'| awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
sleep 5
############kopf##############
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
echo "登录http://$IP:9200/_plugin/kopf View node load "
sleep 5
##############logstash#############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
cat >> /opt/logstash/bin/file.conf << EOG
input {
file {
path => "$PPO"
type => "$WOKAO"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["$IP:9200"]
index => "$WOKAO-%{+YYYY.MM.dd}"
}
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/ && /opt/logstash/bin/logstash -f file.conf&
###########kibana##################
cd ~
wget https://download.elastic.co/kibana/kibana/kibana-4.3.1-linux-x64.tar.gz
tar zxvf kibana-4.3.1-linux-x64.tar.gz -C /opt/ && mv /opt/kibana-4.3.1-linux-x64/ /opt/kibana/
cat >> /opt/kibana/config/kibana.yml << EOF
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: "http://$IP:9200"
kibana.index: ".kibana"
EOF
/opt/kibana/bin/kibana
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
echo "访问http://$IP:5601 Come check out Manage Your Logs "
elasticsearch-node2脚本:
#!/bin/bash
#function:ELK-YUM-note2
#author:tommypeng 20220729
#####root判断#####
if
[ "$USER" != "root" ]
then
echo "错误:非root用户,权限不足!"
exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
##############网络测试##############
ping -c 3 www.baidu.com
if
[ $? = 0 ]
then
echo "外网通讯良好!"
else
echo "丫的你在逗我吗?网都没有安装个毛线!"
exit 1
fi
##############yum源配置################
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=http://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOG
sleep 5
###############jdk###############
yum install java -y
############elasticsearch#################
yum install elasticsearch -y
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak
read -p "Please enter anotherES节点的IP" KIP
cat >> /etc/elasticsearch/elasticsearch.yml << EOG
cluster.name: test
node.name: test-2
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
###mkdir -p /data/es-data
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service ###启动###
##############head##########
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
IP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}'| awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
############kopf##############
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
###echo "登录http://$IP:9200/_plugin/kopf View node load "
##############logstash#############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
cat >> /opt/logstash/bin/file.conf << EOG
input {
file {
path => "$PPO"
type => "$WOKAO"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["$HAOSHUAI:9200"]
index => "$WOKAO-%{+YYYY.MM.dd}"
}
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf&
logstash脚本:This script is used to output the logs of the corresponding server host toELK.
举个例子,You have a new server online,Want to monitor system logs,Then when you run the script, you will be prompted to enter the following information:
提示"Please enter the path to the local log file you want to monitor" 您输入 /var/log/messages (This is the system log path)
提示 "Please enter the native log file type you want to monitor(对应ES索引)" system
提示"请输入ES节点1的IP" Enter the corresponding nodeIP即可.
请注意:在ESThere are also related prompts in the script,Enter according to the actual situation.
#!/bin/bash
#function:ELK-YUM-logstash
#author:tommypeng 20220729
#####root判断#####
if
[ "$USER" != "root" ]
then
echo "错误:非root用户,权限不足!"
exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
##############网络测试##############
ping -c 3 www.baidu.com
if
[ $? = 0 ]
then
echo "外网通讯良好!"
else
echo "丫的你在逗我吗?网都没有安装个毛线!"
exit 1
fi
##############yum源配置################
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOG
sleep 5
##############logstash#############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
cat >> /opt/logstash/bin/file.conf << EOG
input {
file {
path => "$PPO"
type => "$WOKAO"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["$HAOSHUAI:9200"]
index => "$WOKAO-%{+YYYY.MM.dd}"
}
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf&
填坑:
重新安装head扩展命令:
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
重新安装kopf扩展命令:
cd /usr/share/elasticsearch/ &&/ usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
If you have any other problems with the script, please send a private message.
边栏推荐
- MySQL数据库约束,表的设计
- Error in go mode tidy go warning “all” matched no packages
- 【愚公系列】2022年07月 Go教学课程 015-运算符之赋值运算符和关系运算符
- MySQL笔记下
- Encapsulate and obtain system user information, roles and permission control
- .NET Cross-Platform Application Development Hands-on Tutorial | Build a Kanban-style Todo App with Uno Platform
- Regular expression password policy and regular backtracking mechanism bypass
- 从两个易错的笔试题深入理解自增运算符
- Steven Giesel recently published a 5-part series documenting his first experience building an application with the Uno Platform.
- Basic usage of async functions and await expressions in ES6
猜你喜欢
随机推荐
Xss target drone training [success when pop-up window is realized]
(五)fastai应用
How to Repair Word File Corruption
asser利用蚁剑登录
WEB Security Basics - - - Vulnerability Scanner
【唐宇迪 深度学习-3D点云实战系列】学习笔记
VSCode高效开源神器有哪些
Steven Giesel 最近发布了一个由5部分内容组成的系列,记录了他首次使用 Uno Platform 构建应用程序的经验。
47. 【Pointers and Arrays】
What are the efficient open source artifacts of VSCode
Installation considerations for pytorch
PHP图片添加文字水印
MySQL数据库(基础)
消息队列存储消息数据的MySQL表设计
Error occurred while trying to proxy request项目突然起不来了
MPI简谈
xss绕过:prompt(1)
h264和h265解码上的区别
The difference between truncate and delete in MySQL database
Neural Network (ANN)