Elasticsearch

Revi HQ

Filebeat client installation

apt
  1. Install the GPG key.
    wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
    
  2. Install apt-transport-https.
    sudo apt-get install apt-transport-https
    
  3. Add the apt source.
    echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
    
  4. Install filebeat.
    sudo apt-get update && sudo apt-get install filebeat
    
  5. Enable the service in systemd.
    sudo systemctl enable filebeat
    
yum
  1. Install the GPG key.
    sudo rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch
    
  2. Add the yum repo (/etc/yum.repos.d/elastic.repo).
    [elastic-7.x]
    name=Elastic repository for 7.x packages
    baseurl=https://artifacts.elastic.co/packages/7.x/yum
    gpgcheck=1
    gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
    enabled=1
    autorefresh=1
    type=rpm-md
    
  3. Install filebeat.
    sudo yum install filebeat
    
  4. Enable the service in systemd.
    sudo systemctl enable filebeat
    

Activation after installation

  1. List the filebeat modules.
    sudo filebeat modules list
    
  2. Enable filebeat modules.
    sudo filebeat modules enable system apache mysql
    
  3. Setup (granting privileges: see docs).
    sudo filebeat setup -e
    
  4. Initial start.
    sudo service filebeat start
    

Endpoint

Look it up in Elastic Cloud.

Edit /etc/filebeat/filebeat.yml.

cloud.id: "staging:dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRjZWM2ZjI2MWE3NGJmMjRjZTMzYmI4ODExYjg0Mjk0ZiRjNmMyY2E2ZDA0MjI0OWFmMGNjN2Q3YTllOTYyNTc0Mw==" # <= This is Elastic's example.
cloud.auth: "계정:${ES_PWD}" # 계정 = account (user name); ES_PWD is read from the Filebeat keystore
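
The cloud.id value is a label followed by base64-encoded host names, not a secret, so it can be decoded to confirm where Filebeat will ship logs before the service is started; only the cloud.auth password needs the keystore. The script below is an added example, not part of the original page: the function names are hypothetical, and the layout of the decoded value, the URL form and the default port 443 are assumptions about how Beats read cloud.id.

```shell
# Added example (not from the original page): decode an Elastic Cloud ID to see
# which endpoints Filebeat will ship logs to. Function names are hypothetical.
# Assumed layout: "<label>:<base64 of host$es_id$kibana_id>", default port 443.

# Set CID_HOST, CID_PORT, CID_ES, CID_KIBANA from a cloud.id; return 1 if malformed.
cloud_id_parse() {
  local encoded decoded rest
  encoded=${1##*:}                                  # drop the optional label
  decoded=$(printf '%s' "$encoded" | base64 -d 2>/dev/null) || return 1
  case $decoded in *\$*) ;; *) return 1 ;; esac     # need at least host$es_id
  CID_HOST=${decoded%%\$*}
  rest=${decoded#*\$}
  CID_ES=${rest%%\$*}
  CID_KIBANA=
  case $rest in *\$*) rest=${rest#*\$}; CID_KIBANA=${rest%%\$*} ;; esac
  CID_PORT=443
  case $CID_HOST in *:*) CID_PORT=${CID_HOST##*:}; CID_HOST=${CID_HOST%:*} ;; esac
  [ -n "$CID_HOST" ] && [ -n "$CID_ES" ]
}

# Print the Elasticsearch URL encoded in a cloud.id.
cloud_id_es_url() {
  cloud_id_parse "$1" || return 1
  printf 'https://%s.%s:%s\n' "$CID_ES" "$CID_HOST" "$CID_PORT"
}

# Succeed only if the encoded host is the expected domain or a subdomain of it.
# Useful as a pre-start check that filebeat.yml still points at your own provider.
cloud_id_in_domain() {
  cloud_id_parse "$1" || return 1
  case $CID_HOST in "$2"|*."$2") return 0 ;; *) return 1 ;; esac
}

# cloud.id from the page, which marks it as Elastic's example.
SAMPLE_ID='staging:dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRjZWM2ZjI2MWE3NGJmMjRjZTMzYmI4ODExYjg0Mjk0ZiRjNmMyY2E2ZDA0MjI0OWFmMGNjN2Q3YTllOTYyNTc0Mw=='
cloud_id_es_url "$SAMPLE_ID"
cloud_id_in_domain "$SAMPLE_ID" found.io && echo "host is under found.io"
```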

Filebeat keystore

sudo filebeat keystore create
sudo filebeat keystore add ES_PWD