一:下载并解压
elasticsearch-7.12.1-windows-x86_64.zip
logstash-7.12.1-windows-x86_64.zip
kibana-7.12.1-windows-x86_64.zip
二:配置
elasticsearch-7.12.1\configelasticsearch.yml
node.name: node-1
network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
cluster.initial_master_nodes: ["node-1"]
新增logstash-7.12.1\config\logstash.conf
input {
tcp {
mode => "server"
host => "localhost"
port => 6999
codec => json_lines
type => "cloud-gateway"
}
}
filter {
if[type] == "cloud-gateway" {
mutate {
add_tag => ["cloud-gateway"]
}
}
}
output {
stdout {
codec => rubydebug
}
if "cloud-gateway" in [tags] {
elasticsearch {
hosts => ["localhost:9200"]
index => "cloud-gateway-%{+YYYY.MM.dd}"
}
}
}
三:编写 logstath.bat
cmd /k "D: &cd D:\software\EIK\logstash-7.12.1\bin & .\logstash.bat -f ../config/logstash.conf"
四:启动
elasticsearch.bat 、刚刚编写的logstath.bat、kibana.bat
五:访问
六: 项目日志输出到logstash
pom.xml
<logstash.version>4.10</logstash.version>
<dependency>
<groupId>net.logstash.logback</groupId>
<artifactId>logstash-logback-encoder</artifactId>
<version>${logstash.version}</version>
</dependency>
logback-spring.xml
<!--logstash配置-->
<appender name="log_stash" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
<destination>localhost:6999</destination>
<!-- 日志输出编码 -->
<encoder charset="UTF-8" class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
<providers>
<timestamp>
<timeZone>UTC</timeZone>
</timestamp>
<pattern>
<pattern>
{
"level": "%level",
"service": "${springAppName:-}",
"traceId": "%X{X-B3-TraceId:-}",
"pid": "${PID:-}",
"thread": "%thread",
"class": "%logger{40}",
"msg": "%message"
}
</pattern>
</pattern>
</providers>
</encoder>
</appender>
<root level="info">
<appender-ref ref="log_stash"/>
</root>
启动项目可以看到logstash日志成功了
image.png
七: 查看日志
1:访问http://localhost:5601/
2:打开Stack Management
3:可以看到刚刚的日志
image.png
4:create index pattern
image.png
此处可以不做填写
image.png
5:创建成功后打开Discover就看到日志了
image.png
image.png
