ELK deployment script (personally tested, works)
2022-07-31 00:23:00 【IT rat】
Environment: CentOS 7.9 with working network access.
Notes: some plugins need to connect to GitHub (you know how that goes), so some plugin installs may fail. You can skip them while the script runs and install them later when the network is good; the commands are given at the end of the post.
Architecture: two Elasticsearch hosts (one node script each) and one Logstash host, which corresponds to a machine being added to log management.
Enough talk, here are the scripts:
elasticsearch-node1 script (while it runs, the script prompts for information such as IPs, the log file path and the log file type):
```bash
#!/bin/bash
# function: ELK-YUM-node1
# author: tommypeng 20220729

##### root check #####
if [ "$USER" != "root" ]
then
    echo "错误:非root用户,权限不足!"
    exit 1
fi

############### firewall and SELinux ###############
# Stops and disables firewalld, and sets SELinux to disabled in its config
# file (the SELinux change takes effect after a reboot).
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && echo "关闭selinux"

############## network test ##############
ping -c 3 www.baidu.com
if [ $? = 0 ]
then
    echo "外网通讯良好!"
else
    echo "丫的你在逗我吗?网都没有安装个毛线!"
    exit 1
fi

############## yum repository configuration ##############
# Repository metadata and the signing key are fetched over HTTPS.
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=https://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=https://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOG
sleep 5

############### jdk ###############
yum install java -y

############ elasticsearch ############
yum install elasticsearch -y
if [ $? -eq 0 ]; then
    echo -e "\n\033[32m-----------------------------------------------\033[0m"
    echo -e "\033[32melasticsearch安装成功 !\033[0m"
else
    echo -e "\033[31melasticsearch安装失败,即将退出 !\033[0m"
    exit 1
fi

# Back up the packaged config, then write a new one.
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak && rm -rf /etc/elasticsearch/elasticsearch.yml
read -p "Please enter anotherES节点的IP" KIP
# network.host: 0.0.0.0 listens on every interface; with firewalld stopped
# above, port 9200 is reachable by any host on the network.
cat >> /etc/elasticsearch/elasticsearch.yml << EOG
cluster.name: test
node.name: test-1
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service
if [ $? -eq 0 ]; then
    echo -e "\n\033[32m-----------------------------------------------\033[0m"
    echo -e "\033[32melasticsearch启动成功 !\033[0m"
else
    echo -e "\033[31melasticsearch启动失败,继续安装,Please start it manually after the script has finished running !\033[0m"
fi

############## head ##############
# Plugin is downloaded from GitHub; this step may fail on a poor connection.
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
##/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
# IPv4 address of interface ens33, used in the URLs and configs below.
IP=$(ip a | grep "inet " | grep "ens33" | awk '{print $2}' | awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
sleep 5

############ kopf ############
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
echo "登录http://$IP:9200/_plugin/kopf View node load "
sleep 5

############## logstash ##############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
# The two answers are written into the config as entered.
cat >> /opt/logstash/bin/file.conf << EOG
input {
  file {
    path => "$PPO"
    type => "$WOKAO"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$IP:9200"]
    index => "$WOKAO-%{+YYYY.MM.dd}"
  }
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/ && /opt/logstash/bin/logstash -f file.conf &

########### kibana ###########
cd ~
wget https://download.elastic.co/kibana/kibana/kibana-4.3.1-linux-x64.tar.gz
tar zxvf kibana-4.3.1-linux-x64.tar.gz -C /opt/ && mv /opt/kibana-4.3.1-linux-x64/ /opt/kibana/
# server.host: "0.0.0.0" exposes Kibana on every interface, port 5601.
cat >> /opt/kibana/config/kibana.yml << EOF
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: "http://$IP:9200"
kibana.index: ".kibana"
EOF
# Run Kibana in the background so the messages below are printed.
/opt/kibana/bin/kibana &
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
echo "访问http://$IP:5601 Come check out Manage Your Logs "
```
elasticsearch-node2 script:
```bash
#!/bin/bash
# function: ELK-YUM-node2
# author: tommypeng 20220729

##### root check #####
if [ "$USER" != "root" ]
then
    echo "错误:非root用户,权限不足!"
    exit 1
fi

############### firewall and SELinux ###############
# Stops and disables firewalld, and sets SELinux to disabled in its config
# file (the SELinux change takes effect after a reboot).
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && echo "关闭selinux"

############## network test ##############
ping -c 3 www.baidu.com
if [ $? = 0 ]
then
    echo "外网通讯良好!"
else
    echo "丫的你在逗我吗?网都没有安装个毛线!"
    exit 1
fi

############## yum repository configuration ##############
# Repository metadata and the signing key are fetched over HTTPS.
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=https://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=https://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOG
sleep 5

############### jdk ###############
yum install java -y

############ elasticsearch ############
yum install elasticsearch -y
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak
read -p "Please enter anotherES节点的IP" KIP
# network.host: 0.0.0.0 listens on every interface; with firewalld stopped
# above, port 9200 is reachable by any host on the network.
cat >> /etc/elasticsearch/elasticsearch.yml << EOG
cluster.name: test
node.name: test-2
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
###mkdir -p /data/es-data
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service   ### start ###

############## head ##############
# Plugin is downloaded from GitHub; this step may fail on a poor connection.
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
# IPv4 address of interface ens33, used in the URL below.
IP=$(ip a | grep "inet " | grep "ens33" | awk '{print $2}' | awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "

############ kopf ############
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
###echo "登录http://$IP:9200/_plugin/kopf View node load "

############## logstash ##############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
# The three answers are written into the config as entered.
cat >> /opt/logstash/bin/file.conf << EOG
input {
  file {
    path => "$PPO"
    type => "$WOKAO"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$HAOSHUAI:9200"]
    index => "$WOKAO-%{+YYYY.MM.dd}"
  }
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf &
```
logstash script: this script ships the logs of the server it runs on to ELK.
For example, say a new server has come online and you want to monitor its system log. When you run the script, it prompts for the following:
Prompt "Please enter the path to the local log file you want to monitor": enter /var/log/messages (the system log path).
Prompt "Please enter the native log file type you want to monitor(对应ES索引)" (the type corresponds to the ES index): enter system.
Prompt "请输入ES节点1的IP" (the IP of ES node 1): enter the IP of the corresponding node.
Note: the ES scripts show similar prompts; answer them according to your actual setup.
```bash
#!/bin/bash
# function: ELK-YUM-logstash
# author: tommypeng 20220729

##### root check #####
if [ "$USER" != "root" ]
then
    echo "错误:非root用户,权限不足!"
    exit 1
fi

############### firewall and SELinux ###############
# Stops and disables firewalld, and sets SELinux to disabled in its config
# file (the SELinux change takes effect after a reboot).
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && echo "关闭selinux"

############## network test ##############
ping -c 3 www.baidu.com
if [ $? = 0 ]
then
    echo "外网通讯良好!"
else
    echo "丫的你在逗我吗?网都没有安装个毛线!"
    exit 1
fi

############## yum repository configuration ##############
# Repository metadata and the signing key are fetched over HTTPS.
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=https://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOG
sleep 5

############## logstash ##############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
# The three answers are written into the config as entered.
cat >> /opt/logstash/bin/file.conf << EOG
input {
  file {
    path => "$PPO"
    type => "$WOKAO"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$HAOSHUAI:9200"]
    index => "$WOKAO-%{+YYYY.MM.dd}"
  }
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf &
```
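The script writes the three prompt answers straight into file.conf. The following added example, which is not part of the original post, checks them first so that a stray quote, an uppercase type or a mistyped IP cannot produce a broken or altered config; the function names are hypothetical and the sample values are constructed.

```bash
#!/bin/bash
# Added example, not the author's script; function names are hypothetical.
LC_ALL=C; export LC_ALL   # make [a-z] match ASCII lowercase only
NL='
'
# Four dot-separated decimal octets, each 0-255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    _rest=$1. _n=0
    while [ -n "$_rest" ]; do
        _o=${_rest%%.*}; _rest=${_rest#*.}; _n=$((_n + 1))
        [ ${#_o} -le 3 ] && [ "$_o" -le 255 ] || return 1
    done
    [ "$_n" -eq 4 ]
}

# Allow-list for the type, which becomes the index prefix: lowercase
# letters, digits, '_' and '-', not starting with '_' or '-'.
valid_index_prefix() {
    case $1 in ''|[_-]*|*[!a-z0-9_-]*) return 1 ;; esac
}

# Absolute path without '"', '\' or newline, so the value cannot close the
# quoted string in file.conf and append its own settings.
valid_log_path() {
    case $1 in
        *'"'*|*'\'*|*"$NL"*) return 1 ;;
        /*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print file.conf for PATH TYPE ES_IP, or return 1 without output.
render_file_conf() {
    valid_log_path "$1"     || { echo "rejected log path" >&2; return 1; }
    valid_index_prefix "$2" || { echo "rejected type" >&2; return 1; }
    valid_ipv4 "$3"         || { echo "rejected ES IP" >&2; return 1; }
    cat <<EOG
input {
  file { path => "$1" type => "$2" start_position => "beginning" }
}
output {
  elasticsearch { hosts => ["$3:9200"] index => "$2-%{+YYYY.MM.dd}" }
}
EOG
}
# Constructed sample values, matching the walkthrough in the text.
render_file_conf /var/log/messages system 192.168.1.10
```

The type check is an allow-list and is stricter than Elasticsearch's own index naming rules.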
Troubleshooting:
Command to reinstall the head plugin:
```bash
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
```
Command to reinstall the kopf plugin:
```bash
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
```
If you have any other problems with the script, please send a private message.