How to Setup ELK Stack in Ubuntu with Filebeat to collect logs from servers
HTML-код
- Опубликовано: 12 сен 2024
- #awsfordevelopers #aws #hinditutorial #urdotutorial #elkstack #observerbility
#devops #technoronix #filebeat #monitoring #serveradministration
#devops #support #linux_tutorial #linuxsystemadministration #linuxtutions
Setup Elasticsearch :
1 apt-get update
2 sudo apt-get install openjdk-8-jdk
3 wget -qO - artifacts.elas... | sudo apt-key add -
4 sudo apt-get install apt-transport-https
5 echo "deb artifacts.elas... stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
6 sudo apt-get update
7 sudo apt-get install elasticsearch
8 sudo nano /etc/elasticsearch/elasticsearch.yml
network.host: 10.0.44.189
http.port: 9200
9 systemctl start elasticsearch.service
10 curl 10.0.44.189:9200
Setup Kibana
1 apt-get update
2 sudo apt-get install openjdk-8-jdk
3 wget -qO - artifacts.elas... | sudo apt-key add -
4 sudo apt-get install apt-transport-https
5 echo "deb artifacts.elas... stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
6 sudo apt-get update
7 sudo apt-get install kibana
8 sudo nano /etc/kibana/kibana.yml
server.port: 5601
server.host: "10.0.43.154"
elasticsearch.hosts: ["10.0.44.189:9200"]
9 systemctl start kibana
10 systemctl status kibana
11 tail -f /var/log/kibana/kibana.log
Setup Logstash
logstash pipeline samples : www.elastic.co...
12 sudo apt-get install logstash
13 cd /etc/logstash/conf.d/
14 vim apache.conf
logstash pipeline for apache using filebeat
15 curl -L -O artifacts.elas...
16 dpkg -i filebeat-7.17.6-amd64.deb
17 sudo filebeat modules enable system
18 systemctl start logstash.service
Client Setup (Apache Web server)
1 curl -L -O artifacts.elas...
2 dpkg -i filebeat-7.17.6-amd64.deb
3 vim /etc/filebeat/filebeat.yml
paths:
- /var/log/apache2/*.log
output.logstash:
The Logstash hosts
hosts: ["10.0.43.154:5044"]
4 sudo filebeat setup --index-management -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["10.0.44.189:9200"]'
5 sudo filebeat modules enable system
6 sudo filebeat modules enable apache
7 systemctl restart filebeat.service
8 filebeat test output
you are GOD gifted person with speaking capabilities i love the way you explain very complex things in details p
i really like the way you described in the video please keep post more videos also let us know how we can connect to you
Thank you bro you are sloving my projects 🙏
Good to know that i am able to help someone
Great teacher
fantastic video much needed
mighty good
Hey mansur is there any way i can connect with you to learn more about observability tools ?
very well explain. let us know how we can connect to you???
will i be able to get logs from microservices present in EKS from the above configuration?
Can we directly send data to Elasticsearch from filebeat instead of logstash?
Yes we can instead of logstash output you can enable elasticsearch
Ca we use grafana instead of kibana as it give more cool UI and dashboards
Have u tried SOF-elk sans I imported it but didn’t c the gui installed centos gui but didn’t show any of the tools any ideas how to fix ?
How to check if this is running or not?
I tried service arcsight-syslogd restart
But it is not working
Thanks Bro
Is it elastic search or elastic search hadoop?
Elasticsearch
I have followed all the steps mentioned in the video but I don't see the logs on kibana. what is the reason
You must need to check logstash connection with elasticsearch is logstash connected to elasticsearch
@@linuxtutions How do i check if it is connected or not
HI Bro,
its show the Kibana Ui, but I didn't get the logs on Kibana, What is reason bro ?
Check your pipeline or beat status
@@linuxtutions filebeat status Running
Can you specify versions
it was 7.x as i remember
🌸 p♥r♥o♥m♥o♥s♥m