ELK deployment script (personally tested, working)
2022-07-31 00:23:00 【IT rat】
Environment: CentOS 7.9 with working network access.

Notes: some plugins have to be fetched from GitHub (you know how that goes), so some plugin installs may fail. They can be skipped while the script runs and installed later when the network is good; the commands are given at the end of this post.

Architecture: two elasticsearch nodes (one script per node) and one logstash, which corresponds to a machine being added to log management.

Enough talk, here are the scripts.

elasticsearch-node1 script: (while it runs, the script prompts for some information, such as an IP, the log file path and the log file type)
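#!/bin/bash
#function:ELK-YUM-node1
#author:tommypeng 20220729
##### root check #####
if [ "$(id -u)" -ne 0 ]
then
    echo "错误:非root用户,权限不足!"
    exit 1
fi
############### firewall and SELinux ############
# Stops and disables firewalld entirely, so every port this host listens on
# (9200, 9300 and 5601 below) is reachable from the network.
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
# Only edits the config file; SELinux keeps its current mode until the next reboot.
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && echo "关闭selinux"
############## network test ##############
if ping -c 3 www.baidu.com
then
    echo "外网通讯良好!"
else
    echo "丫的你在逗我吗?网都没有安装个毛线!"
    exit 1
fi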
############## yum repository configuration ################
# ">" replaces each repo file, so re-running the script does not append a duplicate section.
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat > /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=https://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat > /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=https://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOG
sleep 5
###############jdk###############
yum install java -y
############elasticsearch#################
yum install elasticsearch -y
if [ $? -eq 0 ];then
    echo -e "\n\033[32m-----------------------------------------------\033[0m"
    echo -e "\033[32melasticsearch安装成功 !\033[0m"
else
    echo -e "\033[31melasticsearch安装失败,即将退出 !\033[0m"
    exit 1
fi
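cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak && rm -rf /etc/elasticsearch/elasticsearch.yml
read -p "Please enter anotherES节点的IP" KIP
# network.host 0.0.0.0 binds the HTTP (9200) and transport ports on every interface;
# Elasticsearch 2.x has no built-in authentication, so access has to be limited at the network layer.
cat >> /etc/elasticsearch/elasticsearch.yml << EOG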
cluster.name: test
node.name: test-1
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service
if [ $? -eq 0 ];then
    echo -e "\n\033[32m-----------------------------------------------\033[0m"
    echo -e "\033[32melasticsearch启动成功 !\033[0m"
else
    echo -e "\033[31melasticsearch启动失败,继续安装,Please start it manually after the script has finished running !\033[0m"
fi
##############head##########
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
##/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
# Assumes the network interface is named ens33; adjust if yours differs.
IP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}'| awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
sleep 5
############kopf##############
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
echo "登录http://$IP:9200/_plugin/kopf View node load "
sleep 5
##############logstash#############
yum install logstash -y
sleep 5
ln -sf /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
# The answers are written into file.conf exactly as typed.
# ">" replaces the file, so a re-run does not add a second input/output pair.
cat > /opt/logstash/bin/file.conf << EOG
input {
  file {
    path => "$PPO"
    type => "$WOKAO"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$IP:9200"]
    index => "${WOKAO}-%{+YYYY.MM.dd}"
  }
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/ && /opt/logstash/bin/logstash -f file.conf&
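########### kibana ##################
cd ~
# The tarball is downloaded over HTTPS but is not checked against a published checksum.
wget https://download.elastic.co/kibana/kibana/kibana-4.3.1-linux-x64.tar.gz
tar zxvf kibana-4.3.1-linux-x64.tar.gz -C /opt/ && mv /opt/kibana-4.3.1-linux-x64/ /opt/kibana/
# server.host 0.0.0.0 exposes the Kibana UI on port 5601 on every interface.
cat >> /opt/kibana/config/kibana.yml << EOF
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: "http://$IP:9200"
kibana.index: ".kibana"
EOF
# Start Kibana in the background; run in the foreground it blocks the script
# and the two messages below never print.
nohup /opt/kibana/bin/kibana > /var/log/kibana.log 2>&1 &
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
echo "访问http://$IP:5601 Come check out Manage Your Logs "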
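
An added example, not part of the original scripts: the node1 script stops firewalld while Elasticsearch and Kibana listen on 0.0.0.0, so this prints firewall-cmd rich rules that admit only the peer ES node, the Logstash host and an admin network, for use when firewalld is left running. The function names, the three sample addresses and the idea of an admin CIDR for Kibana are assumptions.

```shell
# Added example (not from the original scripts): print the firewall-cmd
# commands that open only what ES node 1 needs, instead of stopping firewalld.
# 9200 and 5601 are the ports used on this page; 9300 is the default ES transport port.

# Accept a dotted-quad IPv4 address, optionally followed by /0 .. /32.
valid_source() {
    vs_addr=${1%%/*}
    case $1 in
        */*) vs_prefix=${1#*/} ;;
        *)   vs_prefix=32 ;;
    esac
    case $vs_prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$vs_prefix" -le 32 ] || return 1
    case $vs_addr in ''|*[!0-9.]*|*.) return 1 ;; esac
    vs_ifs=$IFS; IFS=.
    set -- $vs_addr            # split the address into octets
    IFS=$vs_ifs
    [ $# -eq 4 ] || return 1
    for vs_octet in "$@"; do
        [ -n "$vs_octet" ] && [ "${#vs_octet}" -le 3 ] && [ "$vs_octet" -le 255 ] || return 1
    done
}

# Print one rich rule that lets SOURCE reach tcp/PORT.
allow_rule() {
    printf "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" port port=\"%s\" protocol=\"tcp\" accept'\n" "$1" "$2"
}

# Usage: es_node_rules PEER_ES_IP LOGSTASH_IP ADMIN_CIDR
es_node_rules() {
    [ $# -eq 3 ] || { echo "usage: es_node_rules PEER LOGSTASH ADMIN_CIDR" >&2; return 1; }
    for src in "$@"; do
        valid_source "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    allow_rule "$1" 9200    # peer ES node: HTTP API
    allow_rule "$1" 9300    # peer ES node: cluster transport
    allow_rule "$2" 9200    # Logstash host: indexing
    allow_rule "$3" 5601    # admin network: Kibana UI
    echo "firewall-cmd --reload"
}

# Constructed sample addresses from the RFC 5737 documentation ranges.
es_node_rules 192.0.2.12 192.0.2.20 198.51.100.0/24
```

The output is a list of commands to review and run as root on node 1; on node 2 swap the peer address and drop the Kibana rule.
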

elasticsearch-node2 script:
#!/bin/bash
#function:ELK-YUM-node2
#author:tommypeng 20220729
##### root check #####
if [ "$(id -u)" -ne 0 ]
then
    echo "错误:非root用户,权限不足!"
    exit 1
fi
############### firewall and SELinux ############
# Stops and disables firewalld entirely, so every port this host listens on
# (9200 and 9300 below) is reachable from the network.
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
# Only edits the config file; SELinux keeps its current mode until the next reboot.
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && echo "关闭selinux"
############## network test ##############
if ping -c 3 www.baidu.com
then
    echo "外网通讯良好!"
else
    echo "丫的你在逗我吗?网都没有安装个毛线!"
    exit 1
fi
############## yum repository configuration ################
# ">" replaces each repo file, so re-running the script does not append a duplicate section.
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat > /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=https://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOF
sleep 5
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat > /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=https://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOG
sleep 5
###############jdk###############
yum install java -y
############elasticsearch#################
yum install elasticsearch -y
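cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak
read -p "Please enter anotherES节点的IP" KIP
# network.host 0.0.0.0 binds the HTTP (9200) and transport ports on every interface;
# Elasticsearch 2.x has no built-in authentication, so access has to be limited at the network layer.
# ">" replaces the packaged file (saved as .bak above), so a re-run does not duplicate the keys.
cat > /etc/elasticsearch/elasticsearch.yml << EOG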
cluster.name: test
node.name: test-2
path.data: /data/es-data
path.logs: /var/log/elasticsearch/
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["127.0.0.1", "$KIP"]
EOG
sleep 5
###mkdir -p /data/es-data
sleep 5
#cat >> /etc/security/limits.conf << EOF
#elasticsearch soft memlock unlimited
#elasticsearch hard memlock unlimited
#EOF
mkdir -p /data/es-data && chown -R elasticsearch:elasticsearch /data/es-data
sleep 5
systemctl start elasticsearch.service ### start ###
##############head##########
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head
#sleep 5
# Assumes the network interface is named ens33; adjust if yours differs.
IP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}'| awk -F / '{print $1}')
echo "登录http://$IP:9200/_plugin/head/访问您的elasticsearch "
############kopf##############
cd /usr/share/elasticsearch/
/usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf
###echo "登录http://$IP:9200/_plugin/kopf View node load "
##############logstash#############
yum install logstash -y
sleep 5
ln -sf /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
# The answers are written into file.conf exactly as typed.
# ">" replaces the file, so a re-run does not add a second input/output pair.
cat > /opt/logstash/bin/file.conf << EOG
input {
  file {
    path => "$PPO"
    type => "$WOKAO"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$HAOSHUAI:9200"]
    index => "${WOKAO}-%{+YYYY.MM.dd}"
  }
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf&

logstash script: this script ships the logs of the host it runs on to ELK.

For example, say you have just brought a new server online and want to monitor its system log. When you run the script you will be prompted for the following:

Prompt "Please enter the path to the local log file you want to monitor": enter /var/log/messages (this is the system log path)
Prompt "Please enter the native log file type you want to monitor(对应ES索引)": enter system
Prompt "请输入ES节点1的IP": enter the IP of the corresponding node.

Note: the ES scripts show similar prompts; answer them according to your actual environment.

#!/bin/bash
#function:ELK-YUM-logstash
#author:tommypeng 20220729
##### root check #####
if [ "$(id -u)" -ne 0 ]
then
    echo "错误:非root用户,权限不足!"
    exit 1
fi
############### firewall and SELinux ############
# Stops and disables firewalld entirely on this host.
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
# Only edits the config file; SELinux keeps its current mode until the next reboot.
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && echo "关闭selinux"
############## network test ##############
if ping -c 3 www.baidu.com
then
    echo "外网通讯良好!"
else
    echo "丫的你在逗我吗?网都没有安装个毛线!"
    exit 1
fi
############## yum repository configuration ################
# ">" replaces the repo file, so re-running the script does not append a duplicate section.
rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch &&
cat > /etc/yum.repos.d/logstash.repo << EOG
[logstash-2.1]
name=Logstash repository for 2.1.x packages
baseurl=https://packages.elastic.co/logstash/2.1/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
EOG
sleep 5
##############logstash#############
yum install logstash -y
sleep 5
ln -sf /opt/logstash/bin/logstash /usr/bin/
read -p "Please enter the path to the local log file you want to monitor" PPO
read -p "Please enter the native log file type you want to monitor(对应ES索引)" WOKAO
read -p "请输入ES节点1的IP" HAOSHUAI
# The answers are written into file.conf exactly as typed.
# ">" replaces the file, so a re-run does not add a second input/output pair.
cat > /opt/logstash/bin/file.conf << EOG
input {
  file {
    path => "$PPO"
    type => "$WOKAO"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$HAOSHUAI:9200"]
    index => "${WOKAO}-%{+YYYY.MM.dd}"
  }
}
EOG
systemctl start logstash
sleep 5
systemctl restart logstash
cd /opt/logstash/bin/
/opt/logstash/bin/logstash -f file.conf&
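
An added example, not code from the original post: all three scripts write the prompted values straight into file.conf, where a stray quote breaks the Logstash syntax and an uppercase type yields an index name that Elasticsearch rejects. This checks the values first and then renders the same file.conf; the function names and the sample host 192.0.2.11 are assumptions.

```shell
# Added example (not from the original scripts): check the prompted values
# before they are written into file.conf. Function names are hypothetical.
LC_ALL=C   # make [a-z] mean ASCII lowercase only

# Absolute path built only from letters, digits and _ . / * - (globs allowed).
valid_log_path() {
    case $1 in
        /*) ;;
        *)  return 1 ;;
    esac
    case $1 in
        *[!A-Za-z0-9_./*-]*) return 1 ;;   # rejects quotes, spaces, $ and newlines
    esac
}

# The type becomes the index prefix, and Elasticsearch index names must be lowercase.
valid_index_type() {
    case $1 in
        ''|[!a-z0-9]*|*[!a-z0-9_-]*) return 1 ;;
    esac
}

# Usage: render_file_conf LOG_PATH TYPE ES_IP
render_file_conf() {
    valid_log_path "$1"   || { echo "bad log path: $1" >&2; return 1; }
    valid_index_type "$2" || { echo "bad type: $2" >&2; return 1; }
    case $3 in
        ''|*[!0-9.]*) echo "bad ES IP: $3" >&2; return 1 ;;
    esac
    cat << EOG
input {
  file {
    path => "$1"
    type => "$2"
    start_position => "beginning"
  }
}
output {
  elasticsearch {
    hosts => ["$3:9200"]
    index => "$2-%{+YYYY.MM.dd}"
  }
}
EOG
}

# Values from the example on this page, plus a constructed documentation address.
render_file_conf /var/log/messages system 192.0.2.11
```
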

Troubleshooting:

Command to reinstall the head plugin:
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head

Command to reinstall the kopf plugin:
cd /usr/share/elasticsearch/ && /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf

If you have any other problems with the script, please send a private message.