CentOS与Filebeat集成步骤如下:
sudo yum install epel-release
,然后sudo yum install filebeat
;也可手动下载RPM包安装,如wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.x.x-linux-x86_64.rpm
,再执行sudo rpm -ivh filebeat-7.x.x-linux-x86_64.rpm
。/etc/filebeat/filebeat.yml
文件,设置要监控的日志路径filebeat.inputs
和Elasticsearch的输出地址output.elasticsearch
等参数,如filebeat.inputs: - type: log enabled: true paths: - /var/log/*.log
,output.elasticsearch: hosts: ["localhost:9200"]
。sudo systemctl start filebeat
,并设置为开机自启动sudo systemctl enable filebeat
。sudo tail -f /var/log/filebeat/filebeat.log
,或检查Elasticsearch集群状态curl -X GET "localhost:9200/_cluster/health?pretty"
来验证是否集成成功。