Sprinboot integrates ELK to build a real-time log platform

Elk profile

Elasticsearch is an open source distributed search engine. It features distributed, zero configuration, automatic discovery, index sharding, index copy, restful interface, multiple data sources, and automatic search load.
Logstash is a completely open source tool that collects, filters, and stores your logs for future use (e.g., searching).
Kibana is also an open source and free tool that provides a log analysis friendly Web interface for Logstash and ElasticSearch to help you aggregate, analyze and search important data logs.

Elk download and install

Elk download address: www.elastic.co/downloads/

It is recommended to run on Linux, elK is not well supported on Windows, in addition, jdK1.8 support is required, you need to install JDK in advance.

After downloading: Install with logstash as chestnut:

cd /usr/local/
 
mkdir logstash
 
tar -zxvf logstash-5.3.2.tar.gz
 
mv logstash-5.3.2 /usr/local/logstashCopy the code

Configure and start Elasticsearch

Open the Elasticsearch configuration file:

vim config/elasticsearch.ymlCopy the code

Modify the configuration:

network.host=localhost
network.port=9200Copy the code

It defaults to this configuration, with no special requirements and no need to change it locally.

Start the Elasticsearch

/bin/elasticsearchCopy the code

Localhost :9200

{
  "name" : "56IrTCM"."cluster_name" : "elasticsearch"."cluster_uuid" : "e4ja7vS2TIKI1BsggEAa6Q"."version" : {
    "number" : "5.2.2."."build_hash" : "f9d9b74"."build_date" : "The 2017-02-24 T17: he. 835 z"."build_snapshot" : false."lucene_version" : 6.4.1 ""
  },
  "tagline" : "You Know, for Search"
}Copy the code

Configure and start the Logstash

In the logstash home directory:

vim config/log4j_to_es.confCopy the code

Modify log4j_to_es. Conf as follows:

input {
  log4j {
    mode => "server"
    host => "localhost"
    port => 4560
  }
}
filter {
  #Only matched data are send to output.
}
output {
    elasticsearch {
    action => "index"          #The operation on ES
    hosts  => "localhost:9200"   #ElasticSearch host, can be array.
    index  => "applog"         #The index to write data to.}}Copy the code

Start after modifying the configuration:

./bin/logstash -f config/log4j_to_es.confCopy the code

Sprinboot integrates ELK to build a real-time log platform

Elk profile

Elk download and install

Configure and start Elasticsearch

Configure and start the Logstash

Related Posts

Full analysis of Alibaba open source stream limiting system Sentinel

Backend interview summary – Web chapter

ReentrantLock source code analysis