搭建ELK日志分析系统(Docker方式)

  1. 安装Docker CE
$ sudo yum install -y yum-utils \
  device-mapper-persistent-data \
  lvm2

$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

$ sudo yum install docker-ce

$ sudo systemctl start docker

$ sudo docker run hello-world
  1. 安装Docker Compose
$ sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose

$ sudo chmod +x /usr/local/bin/docker-compose

$ docker-compose --version
  1. https://github.com/deviantony/docker-elk克隆源代码
$ git clone https://github.com/deviantony/docker-elk

$ docker-compose up -d
  1. 默认端口配置
  • 5000: Logstash TCP input
  • 9200: Elasticsearch HTTP
  • 9300: Elasticsearch TCP transport
  • 5601: Kibana
  1. 修改logstash.conf配置
input {
  tcp {
    port => 5000
    codec => json_lines
  }
}

output {
  elasticsearch {
    hosts => "elasticsearch:9200"
  }
}
  1. 在微服务项目中,添加logback-spring.xml配置文件,内容如下:
<?xml version="1.0" encoding="UTF-8"?>
<configuration debug="false">
    <include resource="org/springframework/boot/logging/logback/base.xml"/>

    <property name="appName" value="gateway"/>
    <property name="appVersion" value="1.0.0"/>

    <springProfile name="default,dev">
        <property name="logstashDest" value="172.20.15.52:5000"/>

        <appender name="logstash" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
            <destination>${logstashDest}</destination>
            <encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
                <providers>
                    <mdc/> <!-- MDC variables on the Thread will be written as JSON fields-->
                    <context/> <!--Outputs entries from logback's context -->
                    <version/> <!-- Logstash json format version, the @version field in the output-->
                    <logLevel/>
                    <loggerName/>

                    <pattern>
                        <pattern>
                            {
                            <!-- we can add some custom fields to be sent with all the log entries.-->
                            <!--make filtering easier in Logstash-->
                            "appName": "${appName}",
                            "appVersion": "${appVersion}"
                            }
                        </pattern>
                    </pattern>

                    <threadName/>
                    <message/>

                    <logstashMarkers/> <!-- Useful so we can add extra information for specific log lines as Markers-->
                    <arguments/> <!--or through StructuredArguments-->

                    <stackTrace/>
                </providers>
            </encoder>
        </appender>
    </springProfile>

    <root level="INFO">
        <appender-ref ref="CONSOLE"/>

        <springProfile name="default,dev">
            <appender-ref ref="logstash"/>
        </springProfile>
    </root>
</configuration>
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。