当前位置:网站首页>ELK deployment script---pro test available
ELK deployment script---pro test available
2022-07-31 00:23:00 【IT rat】
环境:centos7.9 && 网络通畅
注意事项:Some extensions require a connectiongithub网站,你懂的,Some plugins may fail to install,Can be skipped during script execution,Install it when the network is good.The operation method is given after the text.
架构:两台elasticsearch(Corresponding to two node scripts respectively);一台logstash,Corresponds to the machine added to log management.
废话少说,直接上脚本:
elasticsearch-node1脚本:(While the script is running, you will be prompted to enter some information such as IP,Log file path and log file type, etc)
#!/bin/bash
#function:ELK-YUM-node1
#author:tommypeng 20220729
#####root判断#####
if
[ "$USER" != "root" ]
then
echo "错误:非root用户,权限不足!"
exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
##############网络测试##############
ping -c 3 www.baidu.com
if
[ $? = 0 ]
then
echo "外网通讯良好!"
else
echo "丫的你在逗我吗?网都没有安装个毛线!"
exit 1
fi
##############yum源配置################
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=http://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOG
sleep 5
###############jdk###############
yum install java -y
############elasticsearch#################
yum install elasticsearch -y
if [ $? -eq 0 ];then
echo -e "\n\033[32m-----------------------------------------------\033[0m"
echo -e "\033[32melasticsearch安装成功 !\033[0m"
else
echo -e "\033[32mmelasticsearch安装失败,即将退出 !"
exit 0
fi
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak && rm -rf /etc/elasticsearch/elasticsearch.yml
read -p "Please enter anotherES节点的IP" KIP
cat >> /etc/elasticsearch/elasticsearch.yml << EOG
cluster.name: test
node.name: test-1
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service
if [ $? -eq 0 ];then
echo -e "\n\033[32m-----------------------------------------------\033[0m"
echo -e "\033[32melasticsearch启动成功 !\033[0m"
else
echo -e "\033[32mmelasticsearch启动失败,继续安装,Please start it manually after the script has finished running !"
fi
##############head##########
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
##/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
IP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}'| awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
sleep 5
############kopf##############
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
echo "登录http://$IP:9200/_plugin/kopf View node load "
sleep 5
##############logstash#############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
cat >> /opt/logstash/bin/file.conf << EOG
input {
file {
path => "$PPO"
type => "$WOKAO"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["$IP:9200"]
index => "$WOKAO-%{+YYYY.MM.dd}"
}
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/ && /opt/logstash/bin/logstash -f file.conf&
###########kibana##################
cd ~
wget https://download.elastic.co/kibana/kibana/kibana-4.3.1-linux-x64.tar.gz
tar zxvf kibana-4.3.1-linux-x64.tar.gz -C /opt/ && mv /opt/kibana-4.3.1-linux-x64/ /opt/kibana/
cat >> /opt/kibana/config/kibana.yml << EOF
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: "http://$IP:9200"
kibana.index: ".kibana"
EOF
/opt/kibana/bin/kibana
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
echo "访问http://$IP:5601 Come check out Manage Your Logs "
elasticsearch-node2脚本:
#!/bin/bash
#function:ELK-YUM-note2
#author:tommypeng 20220729
#####root判断#####
if
[ "$USER" != "root" ]
then
echo "错误:非root用户,权限不足!"
exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
##############网络测试##############
ping -c 3 www.baidu.com
if
[ $? = 0 ]
then
echo "外网通讯良好!"
else
echo "丫的你在逗我吗?网都没有安装个毛线!"
exit 1
fi
##############yum源配置################
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=http://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOG
sleep 5
###############jdk###############
yum install java -y
############elasticsearch#################
yum install elasticsearch -y
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak
read -p "Please enter anotherES节点的IP" KIP
cat >> /etc/elasticsearch/elasticsearch.yml << EOG
cluster.name: test
node.name: test-2
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
###mkdir -p /data/es-data
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service ###启动###
##############head##########
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
IP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}'| awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
############kopf##############
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
###echo "登录http://$IP:9200/_plugin/kopf View node load "
##############logstash#############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
cat >> /opt/logstash/bin/file.conf << EOG
input {
file {
path => "$PPO"
type => "$WOKAO"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["$HAOSHUAI:9200"]
index => "$WOKAO-%{+YYYY.MM.dd}"
}
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf&
logstash脚本:This script is used to output the logs of the corresponding server host toELK.
举个例子,You have a new server online,Want to monitor system logs,Then when you run the script, you will be prompted to enter the following information:
提示"Please enter the path to the local log file you want to monitor" 您输入 /var/log/messages (This is the system log path)
提示 "Please enter the native log file type you want to monitor(对应ES索引)" system
提示"请输入ES节点1的IP" Enter the corresponding nodeIP即可.
请注意:在ESThere are also related prompts in the script,Enter according to the actual situation.
#!/bin/bash
#function:ELK-YUM-logstash
#author:tommypeng 20220729
#####root判断#####
if
[ "$USER" != "root" ]
then
echo "错误:非root用户,权限不足!"
exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
##############网络测试##############
ping -c 3 www.baidu.com
if
[ $? = 0 ]
then
echo "外网通讯良好!"
else
echo "丫的你在逗我吗?网都没有安装个毛线!"
exit 1
fi
##############yum源配置################
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat >> /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=http://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enable=1
EOG
sleep 5
##############logstash#############
yum install logstash -y
sleep 5
ln -s /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
cat >> /opt/logstash/bin/file.conf << EOG
input {
file {
path => "$PPO"
type => "$WOKAO"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["$HAOSHUAI:9200"]
index => "$WOKAO-%{+YYYY.MM.dd}"
}
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf&
填坑:
重新安装head扩展命令:
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
重新安装kopf扩展命令:
cd /usr/share/elasticsearch/ &&/ usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
If you have any other problems with the script, please send a private message.
边栏推荐
- Error occurred while trying to proxy request The project suddenly can't get up
- mysql主从复制及读写分离脚本-亲测可用
- encrypted transmission process
- 从笔试包装类型的11个常见判断是否相等的例子理解:包装类型、自动装箱与拆箱的原理、装箱拆箱的发生时机、包装类型的常量池技术
- 对象集合去重的方法
- [Deep learning] Detailed explanation of Transformer model
- Homework: iptables prevent nmap scan and binlog
- How to solve types joiplay simulator does not support this game
- MySQL的触发器
- unity2D横版游戏教程4-物品收集以及物理材质
猜你喜欢
随机推荐
mysql索引失效的常见9种原因详解
加密传输过程
DNS解析过程【访问网站】
IOT跨平台组件设计方案
Kotlin协程:协程上下文与上下文元素
会议OA项目待开会议、所有会议功能
网络常用的状态码
【深入浅出玩转FPGA学习15----------时序分析基础】
Machine Learning 1-Regression Model (2)
Homework: iptables prevent nmap scan and binlog
ES 中时间日期类型 “yyyy-MM-dd HHmmss” 的完全避坑指南
(五)fastai应用
How to ensure the consistency of database and cache data?
MySQL的grant语句
GO GOPROXY代理设置
go mode tidy出现报错go warning “all“ matched no packages
Gabor滤波器学习笔记
The difference between substring and substr in MySQL
【深入浅出玩转FPGA学习13-----------测试用例设计1】
Jmeter参数传递方式(token传递,接口关联等)