5.安装kibana

# 内存使用大概0.7G!

1. 安装kibana¶

cd /home/ubuntu

dpkg -i kibana-7.16.2-amd64.deb

root@4c16g:/etc/filebeat# cd /home/ubuntu/
root@4c16g:/home/ubuntu# ls
bin-bak  elasticsearch-7.16.2-amd64.deb  filebeat-7.16.2-amd64.deb  kibana-7.16.2-amd64.deb  logstash-7.16.2-amd64.deb  mysql-5.7.20-linux-glibc2.12-x86_64.tar.gz  rpm-bak
root@4c16g:/home/ubuntu#
root@4c16g:/home/ubuntu#
root@4c16g:/home/ubuntu# dpkg -i kibana-7.16.2-amd64.deb
Selecting previously unselected package kibana.
(Reading database ... 129442 files and directories currently installed.)
Preparing to unpack kibana-7.16.2-amd64.deb ...
Unpacking kibana (7.16.2) ...
Setting up kibana (7.16.2) ...
Creating kibana group... OK
Creating kibana user... OK
Created Kibana keystore in /etc/kibana/kibana.keystore
Processing triggers for systemd (245.4-4ubuntu3.13) ...

3. 修改kibana配置文件¶

1. 备份¶

#1.备份
cd /etc/kibana
ls
cp kibana.yml kibana.yml.bak

root@4c16g:/home/ubuntu# cd /etc/kibana
root@4c16g:/etc/kibana# ls
kibana.keystore  kibana.yml  node.options
root@4c16g:/etc/kibana# cp kibana.yml kibana.yml.bak

2. 修改¶

#2.修改
vim kibana.yml

1. 打开服务端口¶

#1)打开第2行，端口
  1 # Kibana is served by a back end server. This setting specifies the port to use.
  2 server.port: 5601

2. 打开监听地址¶

#2）打开第7行，并修改为0.0.0.0（公网的话就别都开！）
  4 # Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
  5 # The default is 'localhost', which usually means remote machines will not be able to connect.
  6 # To allow connections from remote users, set this parameter to a non-loopback address.
  7 server.host: "0.0.0.0"

3. 指明elasticsearch服务地址¶

#3）打开第32行注释，并修改url
 31 # The URLs of the Elasticsearch instances to use for all your queries.
 32 elasticsearch.hosts: ["http://10.0.8.5:9200"]

4. 启动kibana¶

systemctl start kibana

#3.查看5601端口
netstat -tnlp|grep 5601

root@4c16g:/etc/kibana# netstat -tnlp|grep 5601
tcp        0      0 0.0.0.0:5601            0.0.0.0:*               LISTEN      2709338/node

5. 浏览器访问¶

# 10.0.8.5:5601
# 弹出对话框，直接点击x，忽略即可！

1. 创建索引¶

# 点击页面左侧的列表，然后点击discover，弹出页面中点击创建

2. 导入数据¶

# 在最右侧可以看到目前的数据源了，然后填入
#1. name：filebeat*，
#2. timestamp field：@timestamp，
# 点击创建索引

3. 查看日志信息¶

# 点击左侧的列表-discover，然后点击右上角的new，即可看到所有日志信息！

6. 手动写入日志测试¶

# 打开2个窗口，一个窗口监控日志，另一个窗口写入日志
#窗口1
tailf /var/log/chupeng.log

#窗口2
logger "chupeng elk log test ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"

#监控discover界面，点击右上角的刷新
# 然后点击左侧折叠按钮打开日志，发现已经监控到日志！！！

最后更新: 2022-02-19 13:05:46