Home IT Linux Windows Database Network Programming Server Mobile  
           
  Home \ Server \ ELKstack log analysis platform     - OpenGL Programming Guide (8th edition of the original book) - compute shader (Programming)

- Debian 8.1 (amd64) deployed Memcached (Server)

- Joseph Central Java implementation (Programming)

- How to override the plain text files and directories soft connection in linux (Linux)

- Storm basic framework for analysis (Programming)

- Shell Common Command Summary (Programming)

- Oracle archive log deletion (Database)

- Android Touch message passing mechanism analysis (Programming)

- Firewall Configuration Red Hat Enterprise Linux 4 (Linux)

- Android Qemu GPS module (Programming)

- CentOS 6.x Basic System Optimization after installation (Linux)

- Linux basic introductory tutorial ---- regex basis (Linux)

- Grep how to find files based on file contents in UNIX (Linux)

- Install mono offline on CentOS (Server)

- Linux log management tools Logrotate (Linux)

- Debian installation (Linux)

- To delete the directory and all specified files under the Mac (Linux)

- Memcached and Redis (Linux)

- Hazelcast integration with MongoDB (Database)

- Android Scroller call mechanism and the relationship of computeScroll (Programming)

 
         
  ELKstack log analysis platform
     
  Add Date : 2018-11-21      
         
       
         
  ELKstack combination Elasticsearch, Logstash, Kibana three open source software. Currently in Elastic.co company name.
ELK is a popular open source log monitoring and analysis system, comprising a distributed indexing and search service Elasticsearch, a log and event management tools logstash, and a data visualization services Kibana
Logstash_1.5.3 responsible for collecting logs, handling and storage
elasticsearch-1.7.2 is responsible for log retrieval and analysis
kibana-4.1.2-linux-x64.tar.gz responsible for the log visualization
jdk-1.7.0_03 java environment
redis-2.4.14 DB
 
First, the basic environment
1, character, ip, version, kernel
serverA 10.1.10.185 3.2.0-4-amd64 7.8 java elasticsearch redis kibana logstash (agent indexer)
clientB 10.1.10.117 3.2.0-4-amd64 7.8 java logstash (agent)
 
2, installed base package
apt-get -y install curl wget lrzsz axel
 
Second, install redis server
1, the installation package
apt-get -y install redis-server
 
2. Create redis storage directory
mkdir / opt / redis -p
 
3, authority
chown redis / opt / redis / -R
 
4, the configuration
1) Backup Configuration
cp /etc/redis/redis.conf /etc/redis/redis.conf.bak
2) modify the configuration
sed -i 's! ^ bind. *! bind 10.1.10.185! g' /etc/redis/redis.conf
sed -i 's! ^ dir. *! dir / opt / redis! g' /etc/redis/redis.conf
 
5, restart the service
/etc/init.d/redis-server restart
 
6, view the process and port
1) Check process
ps -ef | grep redis
redis 23193 1 0 16:41? 00:00:00 / usr / bin / redis-server /etc/redis/redis.conf
2) Check port
netstat -tupnl | grep redis
tcp 0 0 10.1.10.185:6379 0.0.0.0:* LISTEN 25188 / redis-server
 
7, check the boot (default boot up)
ll /etc/rc2.d/ | grep redis
lrwxrwxrwx 1 root root 22 Sep 20 16:41 S02redis-server -> ../init.d/redis-server
 
Third, install java environment
1, the installation package
apt-get -y install openjdk-7-jdk
 
2, check the version
java -version
java version "1.7.0_03"
OpenJDK Runtime Environment (IcedTea7 2.1.7) (7u3-2.1.7-1)
OpenJDK 64-Bit Server VM (build 22.0-b10, mixed mode)
 
Fourth, the installation elasticsearch
1, download elasticsearch
wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.7.2.deb
 
2, the installation elasticsearch
dpkg -i elasticsearch-1.7.2.deb
Selecting previously unselected package elasticsearch.
(Reading database ... 30240 files and directories currently installed.)
Unpacking elasticsearch (from elasticsearch-1.7.2.deb) ...
Creating elasticsearch group ... OK
Creating elasticsearch user ... OK
Setting up elasticsearch (1.7.2) ...
 
3, the configuration
1) Backup Configuration
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak
2) modify the configuration
echo "network.bind_host: 10.1.10.185" >> /etc/elasticsearch/elasticsearch.yml
 
4, start elasticsearch service
/etc/init.d/elasticsearch start
 
5, view the process and port
1) Check process
ps -ef | grep java
? 106 22835 1 63 15:14 00:00:03 / usr / lib / jvm / java-7-openjdk-amd64 // bin / java -Xms256m -Xmx1g -Djava.awt.headless = true -XX: + UseParNewGC - XX: + UseConcMarkSweepGC -XX: CMSInitiatingOccupancyFraction = 75 -XX: + UseCMSInitiatingOccupancyOnly -XX: + HeapDumpOnOutOfMemoryError -XX: + DisableExplicitGC -Dfile.encoding = UTF-8 -Delasticsearch -Des.pidfile = / var / run / elasticsearch / elasticsearch.pid -Des.path.home = / usr / share / elasticsearch -cp: /usr/share/elasticsearch/lib/elasticsearch-1.7.2.jar: / usr / share / elasticsearch / lib / *: / usr / share / elasticsearch / lib / sigar / * -Des.default.config = / etc / elasticsearch / elasticsearch.yml -Des.default.path.home = / usr / share / elasticsearch -Des.default.path.logs = / var / log / elasticsearch -Des.default.path.data = / var / lib / elasticsearch -Des.default.path.work = / tmp / elasticsearch -Des.default.path.conf = / etc / elasticsearch org.elasticsearch.bootstrap.Elasticsearch
2) Check port
netstat -tupnl | grep java
tcp6 0 0 10.1.10.185:9200 ::: * LISTEN 22835 / java
tcp6 0 0 10.1.10.185:9300 ::: * LISTEN 22835 / java
udp6 0 0 ::: 54328 ::: * 22835 / java
 
6, the test
curl -X GET http://10.1.10.185:9200
{
  "Status": 200,
  "Name": "Ned Leeds",
  "Cluster_name": "elasticsearch",
  "Version": {
    "Number": "1.7.2",
    "Build_hash": "e43676b1385b8125d647f593f7202acbd816e8ec",
    "Build_timestamp": "2015-09-14T09: 49: 53Z",
    "Build_snapshot": false,
    "Lucene_version": "4.10.4"
  },
  "Tagline": "You Know, for Search"
}
 
7, added to the boot
update-rc.d elasticsearch defaults
update-rc.d: using dependency based boot sequencing
 
V. Installation logstash
1, download logstash
wget https://download.elastic.co/logstash/logstash/packages/debian/logstash_1.5.3-1_all.deb
 
2, the installation logstash
dpkg -i logstash_1.5.3-1_all.deb
(Reading database ... 30338 files and directories currently installed.)
Unpacking logstash (from logstash_1.5.3-1_all.deb) ...
Setting up logstash (1: 1.5.3-1) ...
 
3, the configuration (not the default configuration file)
1) Configure logstash_agent
cat /etc/logstash/conf.d/logstash_agent.conf
input {
        file {
                type => "messages"
                path => [ "/ var / log / messages"]
        }
        file {
                type => "elasticsearch"
                path => [ '/var/log/elasticsearch/elasticsearch.log*']
        }
}
output {
        redis {
                host => "10.1.10.185"
                data_type => "list"
                key => "logstash: redis"
        }
}
2) Configuration logstash_indexer
cat /etc/logstash/conf.d/logstash_indexer.conf
input {
        redis {
                host => "10.1.10.185"
                data_type => "list"
                key => "logstash: redis"
                type => "redis-input"
        port => "6379"
        }
}
output {
        elasticsearch {
                host => "10.1.10.185"
        }
}
 
4, start the service
/etc/init.d/logstash start
logstash started.
 
5. Use ps -ef jps -mlv or to view the next process
ps -ef | grep logst
logstash 22932 1 16 15:19 pts / 0 00:00:01 / usr / bin / java -XX: + UseParNewGC -XX: + UseConcMarkSweepGC -Djava.awt.headless = true -XX: CMSInitiatingOccupancyFraction = 75 -XX: + UseCMSInitiatingOccupancyOnly -Djava.io.tmpdir = / var / lib / logstash -Xmx500m -Xss2048k -Djffi.boot.library.path = / opt / logstash / vendor / jruby / lib / jni -XX: + UseParNewGC -XX: + UseConcMarkSweepGC -Djava .awt.headless = true -XX: CMSInitiatingOccupancyFraction = 75 -XX: + UseCMSInitiatingOccupancyOnly -Djava.io.tmpdir = / var / lib / logstash -Xbootclasspath / a: /opt/logstash/vendor/jruby/lib/jruby.jar - classpath: -Djruby.home = / opt / logstash / vendor / jruby -Djruby.lib = / opt / logstash / vendor / jruby / lib -Djruby.script = jruby -Djruby.shell = / bin / sh org.jruby.Main --1.9 /opt/logstash/lib/bootstrap/environment.rb logstash / runner.rb agent -f /etc/logstash/conf.d -l /var/log/logstash/logstash.log
 
6, set the boot
update-rc.d logstash defaults
update-rc.d: using dependency based boot sequencing
 
6, installation kibana (front-end web)
1. Download
axel -n 10 https://download.elastic.co/kibana/kibana/kibana-4.1.2-linux-x64.tar.gz
 
2, unzip to the specified directory
tar zxvf kibana-4.1.2-linux-x64.tar.gz -C / opt
 
3, create a log directory
mkdir -p / opt / kibanalog
 
4, the configuration
1) Backup Configuration
cp /opt/kibana-4.1.2-linux-x64/config/kibana.yml /opt/kibana-4.1.2-linux-x64/config/kibana.yml.bak
2) modify the configuration
sed -i 's ^ elasticsearch_url:!. * elasticsearch_url:! "http://10.1.10.185:9200"!g' /opt/kibana-4.1.2-linux-x64/config/kibana.yml
sed -i 's ^ host:!. * host:! "10.1.10.185" g!' /opt/kibana-4.1.2-linux-x64/config/kibana.yml
 
5, start the service
cd / opt / kibanalog && nohup /opt/kibana-4.1.2-linux-x64/bin/kibana &
 
6, view the process and port
1) Check process
ps aux | grep kibana
root 22982 5.4 20.1 612576 47716 pts / 0 Sl 15:22 0:01 /opt/kibana-4.1.2-linux-x64/bin/../node/bin/node /opt/kibana-4.1.2-linux- x64 / bin /../ src / bin / kibana.js
2) Check port
netstat -tupnl | grep 5601
tcp 0 0 10.1.10.185:5601 0.0.0.0:* LISTEN 22982 / node
 
7, access http://10.1.10.185:5601 on windows

8, set the boot
echo "cd / opt / kibanalog && nohup /opt/kibana-4.1.2-linux-x64/bin/kibana &" >> /etc/rc.local
 
VII view all service log
1, views redis log
cat /var/log/redis/redis-server.log
[5903] 22 Sep 09:53:47 * Server started, Redis version 2.4.14
[5903] 22 Sep 09:53:47 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory = 1' for this to take effect.
[5903] 22 Sep 09:53:47 * The server is now ready to accept connections on port 6379
[5903] 22 Sep 10:08:42 # Received SIGTERM, scheduling shutdown ...
[5903] 22 Sep 10:08:42 # User requested shutdown ...
[5903] 22 Sep 10:08:42 * Saving the final RDB snapshot before exiting.
[5903] 22 Sep 10:08:42 * DB saved on disk
[5903] 22 Sep 10:08:42 * Removing the pid file.
[5903] 22 Sep 10:08:42 # Redis is now ready to exit, bye bye ...
[22674] 22 Sep 10:08:43 * Server started, Redis version 2.4.14
[22674] 22 Sep 10:08:43 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory = 1' for this to take effect.
[22674] 22 Sep 10:08:43 * The server is now ready to accept connections on port 6379
[22674] 22 Sep 10:49:56 * 1 changes in 900 seconds. Saving ...
[22674] 22 Sep 10:49:56 * Background saving started by pid 23186
[23186] 22 Sep 10:49:56 * DB saved on disk
[22674] 22 Sep 10:49:57 * Background saving terminated with success
[22674] 22 Sep 10:50:58 * 10000 changes in 60 seconds. Saving ...
[22674] 22 Sep 10:50:58 * Background saving started by pid 23205
[23205] 22 Sep 10:50:58 * DB saved on disk
[22674] 22 Sep 10:50:58 * Background saving terminated with success
[22674] 22 Sep 10:51:59 * 10000 changes in 60 seconds. Saving ...
[22674] 22 Sep 10:51:59 * Background saving started by pid 23214
[23214] 22 Sep 10:51:59 * DB saved on disk
[22674] 22 Sep 10:51:59 * Background saving terminated with success
 
2. Check the log elasticsearch
cat /var/log/elasticsearch/elasticsearch.log
[2015-09-22 10: 09: 42,361] [INFO] [node] [Karma] version [1.7.2], pid [22751], build [e43676b / 2015-09-14T09: 49: 53Z]
[2015-09-22 10: 09: 42,362] [INFO] [node] [Karma] initializing ...
[2015-09-22 10: 09: 42,536] [INFO] [plugins] [Karma] loaded [], sites []
[2015-09-22 10: 09: 42,595] [INFO] [env] [Karma] using [1] data paths, mounts [[/ (rootfs)]], net usable_space [7.3gb], net total_space [9.1gb ], types [rootfs]
[2015-09-22 10: 09: 45,669] [INFO] [node] [Karma] initialized
[2015-09-22 10: 09: 45,669] [INFO] [node] [Karma] starting ...
[2015-09-22 10: 09: 45,776] [INFO] [transport] [Karma] bound_address {inet [/10.1.10.185:9300]}, publish_address {inet [/10.1.10.185:9300]}
[2015-09-22 10: 09: 45,794] [INFO] [discovery] [Karma] elasticsearch / mB1_wQprTAWGam7X1LzCxQ
[2015-09-22 10: 09: 49,582] [INFO] [cluster.service] [Karma] new_master [Karma] [mB1_wQprTAWGam7X1LzCxQ] [debian] [inet [/10.1.10.185:9300]], reason: zen-disco -join (elected_as_master)
[2015-09-22 10: 09: 49,620] [INFO] [http] [Karma] bound_address {inet [/10.1.10.185:9200]}, publish_address {inet [/10.1.10.185:9200]}
[2015-09-22 10: 09: 49,620] [INFO] [node] [Karma] started
[2015-09-22 10: 09: 49,642] [INFO] [gateway] [Karma] recovered [0] indices into cluster_state
[2015-09-22 10: 49: 56,101] [INFO] [cluster.service] [Karma] added {[logstash-debian-23118-13460] [Bt8LxnD9R4amhOypJbgxww] [debian] [inet [/10.1.10.185:9301] ] {client = true, data = false},}, reason: zen-disco-receive (join from node [[logstash-debian-23118-13460] [Bt8LxnD9R4amhOypJbgxww] [debian] [inet [/10.1.10.185:9301] ] {client = true, data = false}])
[2015-09-22 10: 49: 58,511] [INFO] [cluster.metadata] [Karma] [logstash-2015.09.22] creating index, cause [auto (bulk api)], templates [logstash], shards [5 ] / [1], mappings [_default_, elasticsearch]
[2015-09-22 10: 49: 59,645] [INFO] [cluster.metadata] [Karma] [logstash-2015.09.22] update_mapping [elasticsearch] (dynamic)
[2015-09-22 10: 53: 28,474] [DEBUG] [action.admin.cluster.health] [Karma] observer:. Timeout notification from cluster service timeout setting [5s], time since start [5s]
[2015-09-22 10: 53: 51,251] [INFO] [cluster.metadata] [Karma] [.kibana] creating index, cause [api], templates [], shards [1] / [1], mappings [ ]
[2015-09-22 10: 53: 52,902] [INFO] [cluster.metadata] [Karma] [.kibana] update_mapping [config] (dynamic)
 
3, view the log logstash
cat /var/log/logstash/logstash.err
!!! Please upgrade your java version, the current version '1.7.0_03-b21' may cause problems. We recommend a minimum version of 1.7.0_51
'[DEPRECATED] use `require concurrent` instead of` require concurrent_ruby'
[2015-09-22 10: 49: 48.459] WARN - Concurrent: [DEPRECATED] Java 7 is deprecated, please use Java 8.
Java 7 support is only best effort, it may not work. It will be removed in next release (1.0).
Sep 22, 2015 10:49:49 AM org.elasticsearch.node.internal.InternalNode < init>
INFO: [logstash-debian-23118-13460] version [1.7.0], pid [23118], build [929b973 / 2015-07-16T14: 31: 07Z]
Sep 22, 2015 10:49:49 AM org.elasticsearch.node.internal.InternalNode < init>
INFO: [logstash-debian-23118-13460] initializing ...
Sep 22, 2015 10:49:49 AM org.elasticsearch.plugins.PluginsService < init>
INFO: [logstash-debian-23118-13460] loaded [], sites []
Sep 22, 2015 10:49:51 AM org.elasticsearch.bootstrap.Natives < clinit>
WARNING: JNA not found native methods will be disabled..
Sep 22, 2015 10:49:52 AM org.elasticsearch.node.internal.InternalNode < init>
INFO: [logstash-debian-23118-13460] initialized
Sep 22, 2015 10:49:52 AM org.elasticsearch.node.internal.InternalNode start
INFO: [logstash-debian-23118-13460] starting ...
Sep 22, 2015 10:49:52 AM org.elasticsearch.transport.TransportService doStart
INFO: [logstash-debian-23118-13460] bound_address {inet [/ 0: 0: 0: 0: 0: 0: 0: 0: 9301]}, publish_address {inet [/10.1.10.185:9301]}
Sep 22, 2015 10:49:53 AM org.elasticsearch.discovery.DiscoveryService doStart
INFO: [logstash-debian-23118-13460] elasticsearch / Bt8LxnD9R4amhOypJbgxww
Sep 22, 2015 10:49:56 AM org.elasticsearch.cluster.service.InternalClusterService $ UpdateTask run
INFO: [logstash-debian-23118-13460] detected_master [Karma] [mB1_wQprTAWGam7X1LzCxQ] [debian] [inet [/10.1.10.185:9300]], added {[Karma] [mB1_wQprTAWGam7X1LzCxQ] [debian] [inet [/10.1. 10.185: 9300]],}, reason: zen-disco-receive (from master [[Karma] [mB1_wQprTAWGam7X1LzCxQ] [debian] [inet [/10.1.10.185:9300]]])
Sep 22, 2015 10:49:56 AM org.elasticsearch.node.internal.InternalNode start
INFO: [logstash-debian-23118-13460] started
Sep 22, 2015 10:55:23 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
WARNING: [logstash-debian-23118-13460] [gc] [young] [325] [5441] duration [1s], collections [1] / [1.2s], total [1s] / [31.5s], memory [ 156.5mb] -> [157.1mb] / [491.6mb], all_pools {[young] [3.8mb] -> [2.4mb] / [66.5mb]} {[survivor] [365.5kb] -> [512kb] / [8.3mb]} {[old] [152.3mb] -> [154.2mb] / [416.8mb]}
Sep 22, 2015 10:56:08 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
INFO: [logstash-debian-23118-13460] [gc] [young] [369] [6284] duration [1.8s], collections [2] / [2.3s], total [1.8s] / [37.9s], memory [113.8mb] -> [116.2mb] / [491.6mb], all_pools {[young] [3.6mb] -> [2.1mb] / [66.5mb]} {[survivor] [361.1kb] -> [508kb ] / [8.3mb]} {[old] [109.8mb] -> [113.6mb] / [416.8mb]}
Sep 22, 2015 10:57:39 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
INFO: [logstash-debian-23118-13460] [gc] [young] [457] [7938] duration [941ms], collections [1] / [1s], total [941ms] / [48.7s], memory [110.9 mb] -> [114.2mb] / [491.6mb], all_pools {[young] [894.6kb] -> [4.1mb] / [66.5mb]} {[survivor] [512kb] -> [512kb] / [8.3 mb]} {[old] [109.5mb] -> [109.5mb] / [416.8mb]}
Sep 22, 2015 11:00:42 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
INFO: [logstash-debian-23118-13460] [gc] [young] [635] [11214] duration [703ms], collections [1] / [2.7s], total [703ms] / [1.1m], memory [ 158.2mb] -> [160.1mb] / [491.6mb], all_pools {[young] [3.7mb] -> [2mb] / [66.5mb]} {[survivor] [512kb] -> [509.4kb] / [ 8.3mb]} {[old] [153.9mb] -> [157.5mb] / [416.8mb]}
Sep 22, 2015 11:01:33 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
WARNING: [logstash-debian-23118-13460] [gc] [young] [684] [12144] duration [1s], collections [1] / [2.4s], total [1s] / [1.2m], memory [ 201.6mb] -> [200mb] / [491.6mb], all_pools {[young] [4.1mb] -> [50.1kb] / [66.5mb]} {[survivor] [512kb] -> [512kb] / [8.3 mb]} {[old] [197mb] -> [199.5mb] / [416.8mb]}
Sep 22, 2015 11:02:17 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
WARNING: [logstash-debian-23118-13460] [gc] [young] [727] [12972] duration [1.3s], collections [1] / [1s], total [1.3s] / [1.3m], memory [186.5mb] -> [188mb] / [491.6mb], all_pools {[young] [2.2mb] -> [4.1mb] / [66.5mb]} {[survivor] [512kb] -> [512kb] / [ 8.3mb]} {[old] [183.7mb] -> [183.4mb] / [416.8mb]}
Sep 22, 2015 11:04:40 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
WARNING: [logstash-debian-23118-13460] [gc] [young] [864] [15273] duration [1.3s], collections [1] / [2.9s], total [1.3s] / [1.6m], memory [122.9mb] -> [125.8mb] / [491.6mb], all_pools {[young] [2.6mb] -> [1.9mb] / [66.5mb]} {[survivor] [512kb] -> [511.9kb ] / [8.3mb]} {[old] [119.7mb] -> [123.3mb] / [416.8mb]}
Sep 22, 2015 11:05:30 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
WARNING: [logstash-debian-23118-13460] [gc] [young] [912] [16079] duration [1.3s], collections [1] / [2.5s], total [1.3s] / [1.7m], memory [183.9mb] -> [181.4mb] / [491.6mb], all_pools {[young] [4.1mb] -> [101.1kb] / [66.5mb]} {[survivor] [510.1kb] -> [499.7 kb] / [8.3mb]} {[old] [179.3mb] -> [180.8mb] / [416.8mb]}
Sep 22, 2015 11:06:16 AM org.elasticsearch.monitor.jvm.JvmMonitorService $ JvmMonitor monitorLongGc
INFO: [logstash-debian-23118-13460] [gc] [young] [956] [16816] duration [915ms], collections [1] / [2s], total [915ms] / [1.8m], memory [175.2 mb] -> [144.9mb] / [491.6mb], all_pools {[young] [3.7mb] -> [12.5kb] / [66.5mb]} {[survivor] [357.1kb] -> [259.6kb] / [8.3mb]} {[old] [171.2mb] -> [144.6mb] / [416.8mb]}
 
4. Check the log kibana
cat /opt/kibanalog/nohup.out
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "msg": "No existing kibana index found", "time": "2015-09- 22T02: 53: 28.503Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "msg": "Listening on 10.1.10.185:5601","time":"2015- 09-22T02: 53: 28.538Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/", "headers": { "host": "10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0", "accept": "text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8", "accept-language": "zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12: 29 GMT "," if-none-match ":" W / \ "6f9-3043805189 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57468}," res ": {" statusCode " : 304, "responseTime": 6, "contentLength": 0}, "msg": "GET / 304 - 6ms", "time": "2015-09-22T02: 53: 49.894Z", "v": 0 }
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / ? main.css _b = 7562 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 firefox / 40.0 "," accept ":" text / css, * / *; q = 0.1 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "335dc-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort " : 57468}, "res": { "statusCode": 304, "responseTime": 18, "contentLength": 0}, "msg": "GET /styles/main.css?_b=7562 304 - 18ms", " time ":" 2015-09-22T02: 53: 49.964Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ images / initial_load.gif "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 " , "accept": "image / png, image / *; q = 0.8, * / *; q = 0.5", "accept-language": "zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "," if -modified-since ":" Tue, 08 Sep 2015 20:12:29 GMT "," if-none-match ":" W / \ "2e9e-3043805189 \" "}," remoteAddress ":" 10.1.10.131 " , "remotePort": 57468}, "res": { "statusCode": 304, "responseTime": 2, "contentLength": 0}, "msg": "GET /images/initial_load.gif 304 - 2ms", " time ":" 2015-09-22T02: 53: 49.968Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ bower_components / ? requirejs / require.js _b = 7562 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:29 GMT "," if-none-match ":" W / \ "14703-3043805189 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57469}," res ": {" statusCode ": 304," responseTime ": 1," contentLength ": 0}," msg ":" GET /bower_components/requirejs/require.js?_b=7562 304 - 1ms "," time ":" 2015-09-22T02: 53: 49.969Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ require. ? config.js _b = 7562 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 firefox / 40.0 "," accept ":" * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept- encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:29 GMT "," if-none-match ":" W / \ "a66-3043805189 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57470}," res ": { "statusCode": 304, "responseTime": 2, "contentLength": 0}, "msg": "GET /require.config.js?_b=7562 304 - 2ms", "time": "2015-09- 22T02: 53: 49.970Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57471}," res ": {" statusCode ": 304," responseTime ": 3," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 3ms "," time ":" 2015-09 -22T02: 53: 49.970Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ index. ? js _b = 7562 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding " : "gzip, deflate", "referer": "http://10.1.10.185:5601/", "connection": "keep-alive", "if-modified-since": "Tue, 08 Sep 2015 20: 12:29 GMT "," if-none-match ":" W / \ "5489a7-3043805189 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57472}," res ": {" statusCode ": 304," responseTime ": 1," contentLength ": 0}," msg ":" GET /index.js?_b=7562 304 - 1ms "," time ":" 2015-09-22T02: 53: 50.037Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57468}," res ": {" statusCode ": 304," responseTime ": 0," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 0ms "," time ":" 2015-09 -22T02: 53: 50.203Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ config? _b = 7562 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 " , "accept": "text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8", "accept-language": "zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep -alive "," if-none-match ":" W / \ "151-5c053bf3 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57469}," res ": {" statusCode " : 304, "responseTime": 3, "contentLength": 0}, "msg": "GET / config _b = 7562 304 - 3ms?", "time": "2015-09-22T02: 53: 50.492Z", "v": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ elasticsearch / ? _ = 1442890430562 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57470}," res ": {" statusCode ": 200," responseTime ": 12," contentLength ": 333}," msg ":" GET / _ = 1442890430562 200 - 12ms ","? time ":" 2015-09-22T02: 53: 50.883Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57471}," res ": {" statusCode ": 304," responseTime ": 0," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 0ms "," time ":" 2015-09 -22T02: 53: 50.923Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57472}," res ": {" statusCode ": 304," responseTime ": 0," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 0ms "," time ":" 2015-09 -22T02: 53: 50.926Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57468}," res ": {" statusCode ": 304," responseTime ": 1," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 1ms "," time ":" 2015-09 -22T02: 53: 50.929Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ elasticsearch / ? _nodes _ = 1442890430791 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "}," remoteAddress ":" 10.1. 10.131 "," remotePort ": 57470}," res ": {" statusCode ": 200," responseTime ": 63," contentLength ": 5943}," msg ":"? GET / _nodes _ = 1442890430791 200 - 63ms " , "time": "2015-09-22T02: 53: 51.153Z", "v": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "HEAD", "url": "/ elasticsearch / .kibana "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 ", "accept": "application / json, text / plain, * / *", "accept-language": "zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3", "accept-encoding": "gzip, deflate", "referer": "http://10.1.10.185:5601/", "connection": "keep-alive"}, "remoteAddress": "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 404, "responseTime": 6, "contentLength": 0}, "msg": "HEAD /.kibana 404 - 6ms", "time": " 2015-09-22T02: 53: 51.171Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "POST", "url": "/ elasticsearch / .kibana "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 ", "accept": "application / json, text / plain, * / *", "accept-language": "zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3", "accept-encoding": "gzip, deflate", "content-type": "application / json; charset = utf-8", "referer": "http://10.1.10.185:5601/", "content- length ":" 35 "," connection ":" keep-alive "," pragma ":" no-cache "," cache-control ":" no-cache "}," remoteAddress ":" 10.1.10.131 ", "remotePort": 57470}, "res": { "statusCode": 200, "responseTime": 546, "contentLength": 21}, "msg": "POST /.kibana 200 - 546ms", "time": " 2015-09-22T02: 53: 51.726Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ elasticsearch / _cluster / health / .kibana wait_for_status = yellow & _ = 1442890431632 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv?: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ":" keep-alive "}, "remoteAddress": "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 200, "responseTime": 467, "contentLength": 313}, "msg": "GET / _cluster / ? health / .kibana wait_for_status = yellow & _ = 1442890431632 200 - 467ms "," time ":" 2015-09-22T02: 53: 52.398Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "POST", "url": "/ elasticsearch / ? _mget timeout = 0 & ignore_unavailable = true & preference = 1442890430199 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," content-type ":" application / json; charset = utf-8 "," referer ":" http://10.1.10.185: 5601 / "," content-length ":" 62 "," connection ":" keep-alive "," pragma ":" no-cache "," cache-control ":" no-cache "}," remoteAddress " : "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 200, "responseTime": 60, "contentLength": 76}, "msg":? "POST / _mget timeout = 0 & ignore_unavailable = true & preference = 1442890430199 200 - 60ms "," time ":" 2015-09-22T02: 53: 52.665Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "POST", "url": "/ elasticsearch / .kibana / config / 4.1.2 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en ; q = 0.3 "," accept-encoding ":" gzip, deflate "," content-type ":" application / json; charset = utf-8 "," referer ":" http://10.1.10.185:5601 / "," content-length ":" 17 "," connection ":" keep-alive "," pragma ":" no-cache "," cache-control ":" no-cache "}," remoteAddress ": "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 201, "responseTime": 33, "contentLength": 79}, "msg": "POST /.kibana/config/4.1 .2 201 - 33ms "," time ":" 2015-09-22T02: 53: 52.908Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "POST", "url": "/ elasticsearch / ? _mget timeout = 0 & ignore_unavailable = true & preference = 1442890430199 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," content-type ":" application / json; charset = utf-8 "," referer ":" http://10.1.10.185: 5601 / "," content-length ":" 62 "," connection ":" keep-alive "," pragma ":" no-cache "," cache-control ":" no-cache "}," remoteAddress " : "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 200, "responseTime": 6, "contentLength": 116}, "msg":? "POST / _mget timeout = 0 & ignore_unavailable = true & preference = 1442890430199 200 - 6ms "," time ":" 2015-09-22T02: 53: 53.126Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "POST", "url": "/ elasticsearch / ? .kibana / index-pattern / _search fields = "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0 ) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," content-type ":" application / json; charset = utf-8 "," referer ":" http: //10.1. 10.185: 5601 / "," content-length ":" 44 "," connection ":" keep-alive "," pragma ":" no-cache "," cache-control ":" no-cache "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57470}," res ": {" statusCode ": 200," responseTime ": 152," contentLength ": 124}," msg ":" POST /.kibana/ ? index-pattern / _search fields = 200 - 152ms "," time ":" 2015-09-22T02: 53: 53.529Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57469}," res ": {" statusCode ": 304," responseTime ": 1," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 1ms "," time ":" 2015-09 -22T02: 53: 54.035Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57471}," res ": {" statusCode ": 304," responseTime ": 0," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 0ms "," time ":" 2015-09 -22T02: 53: 54.036Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ styles / theme / elk.ico "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" text / html, application / xhtml + xml, application / xml; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," connection ":" keep-alive "," if-modified-since ":" Tue, 08 Sep 2015 20:12:30 GMT "," if-none-match ":" W / \ "47e-873763449 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57472}," res ": {" statusCode ": 304," responseTime ": 9," contentLength ": 0}," msg ":" GET /styles/theme/elk.ico 304 - 9ms "," time ":" 2015-09 -22T02: 53: 54.051Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ elasticsearch / ? logstash - * / _ mapping / field / * ignore_unavailable = false & allow_no_indices = false & include_defaults = true & _ = 1442890433545 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / json, text / plain, * / * "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/ "," connection ": "keep-alive"}, "remoteAddress": "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 200, "responseTime": 235, "contentLength": 11412}, "msg ":"? GET / logstash - * / _ mapping / field / * ignore_unavailable = false & allow_no_indices = false & include_defaults = true & _ = 1442890433545 200 - 235ms "," time ":" 2015-09-22T02: 53: 54.096Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ images / no_border.png "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 " , "accept": "image / png, image / *; q = 0.8, * / *; q = 0.5", "accept-language": "zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" gzip, deflate "," referer ":" http://10.1.10.185:5601/styles/main.css?_b=7562 "," connection " : "keep-alive", "if-modified-since": "Tue, 08 Sep 2015 20:12:29 GMT", "if-none-match": "W / \" 10ab-3043805189 \ ""}, "remoteAddress": "10.1.10.131", "remotePort": 57470}, "res": { "statusCode": 304, "responseTime": 2, "contentLength": 0}, "msg": "GET / images / no_border.png 304 - 2ms "," time ":" 2015-09-22T02: 53: 54.377Z "," v ": 0}
{ "Name": "Kibana", "hostname": "debian", "pid": 23238, "level": 30, "req": { "method": "GET", "url": "/ bower_components / ? font-awesome / fonts / fontawesome-webfont.woff v = 4.2.0 "," headers ": {" host ":" 10.1.10.185:5601","user-agent":"Mozilla/5.0 (Windows NT 6.1 ; WOW64; rv: 40.0) Gecko / 20100101 Firefox / 40.0 "," accept ":" application / font-woff2; q = 1.0, application / font-woff; q = 0.9, * / *; q = 0.8 "," accept-language ":" zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3 "," accept-encoding ":" identity "," referer ":" http: // 10.1.10.185:5601/styles/main.css?_b=7562","connection":"keep-alive","if-modified-since":"Tue, 08 Sep 2015 20:12:29 GMT "," if-none-match ":" W / \ "ffac-3043805189 \" "}," remoteAddress ":" 10.1.10.131 "," remotePort ": 57468}," res ": {" statusCode ": 304," responseTime ": 1," contentLength ": 0}," msg ":" GET /bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0 304 - 1ms "," time ":" 2015-09 -22T02: 53: 54.378Z "," v ": 0}
 
Eight, clientB installation configuration logstash (agent)
1, install java environment
apt-get -y install openjdk-7-jdk
 
2, download logstash
wget https://download.elastic.co/logstash/logstash/packages/debian/logstash_1.5.3-1_all.deb
 
3, installation logstash
dpkg -i logstash_1.5.3-1_all.deb
(Reading database ... 30338 files and directories currently installed.)
Unpacking logstash (from logstash_1.5.3-1_all.deb) ...
Setting up logstash (1: 1.5.3-1) ...
 
4, the configuration (not the default configuration file)
1) Configure logstash_agent
cat /etc/logstash/conf.d/logstash_agent.conf
input {
        file {
                type => "message"
                path => [ "/ var / log / message '"]
        }
}
output {
        redis {
                host => "10.1.10.185"
                data_type => "list"
                key => "logstash: redis"
        }
}
 
5, start the service
/etc/init.d/logstash start
logstash started.
 
6, using jps -mlv or ps -ef to view the next process
ps -ef | grep logst
logstash 22932 1 16 15:19 pts / 0 00:00:01 / usr / bin / java -XX: + UseParNewGC -XX: + UseConcMarkSweepGC -Djava.awt.headless = true -XX: CMSInitiatingOccupancyFraction = 75 -XX: + UseCMSInitiatingOccupancyOnly -Djava.io.tmpdir = / var / lib / logstash -Xmx500m -Xss2048k -Djffi.boot.library.path = / opt / logstash / vendor / jruby / lib / jni -XX: + UseParNewGC -XX: + UseConcMarkSweepGC -Djava .awt.headless = true -XX: CMSInitiatingOccupancyFraction = 75 -XX: + UseCMSInitiatingOccupancyOnly -Djava.io.tmpdir = / var / lib / logstash -Xbootclasspath / a: /opt/logstash/vendor/jruby/lib/jruby.jar - classpath: -Djruby.home = / opt / logstash / vendor / jruby -Djruby.lib = / opt / logstash / vendor / jruby / lib -Djruby.script = jruby -Djruby.shell = / bin / sh org.jruby.Main --1.9 /opt/logstash/lib/bootstrap/environment.rb logstash / runner.rb agent -f /etc/logstash/conf.d -l /var/log/logstash/logstash.log
 
7, set the boot
update-rc.d logstash defaults
update-rc.d: using dependency based boot sequencing
     
         
       
         
  More:      
 
- MySQL password on those things you should know (Database)
- RHEL5.x RHEL6.x replace CentOS yum source (Linux)
- RHEL 6.5 x86_64 CentOS yum configuration source (Linux)
- How to publish projects to the Jcenter repository using Gradle in Android Studio (Programming)
- df show disk space usage (Linux)
- Open log in Hibernate (Programming)
- The lambda expression Java8 (constructor references) (Programming)
- XenServer Virtual Machine Installation --- first ISO image file storage expansion (Linux)
- To help you easily protect the Linux System (Linux)
- Linux static library generated Guide (Programming)
- PLSQL Developer synchronization table tools (Database)
- CentOS 6.5 installation using a data recovery software extundelete (Linux)
- JavaScript function closures Quick Start (Programming)
- How to use the Linux command compress JPEG images (Linux)
- RHEL 6.5 KVM analytical use (Server)
- Linux shell string interception and stitching (Linux)
- Through eight skills to let you become a super Linux end-user (Linux)
- Use cmake to compile and install MySQL 5.5 (Database)
- sudoers file parsing (Linux)
- Installation and configuration of phpMyAdmin under CentOS (Database)
     
           
     
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.