ELK
University Computer System Lab

ELK final goal
Real-time analysis of system log data using ELK

Installing Elasticsearch from the .deb file
    wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.6.2.deb
    sudo dpkg -i elasticsearch-6.6.2.deb
Register the service with the system, start it, and check its status
    sudo systemctl daemon-reload
    sudo systemctl enable elasticsearch.service
    sudo systemctl start elasticsearch.service
    sudo systemctl status elasticsearch.service

Verifying the installation
    curl -X GET "localhost:9200/"
    {
      "name" : "xQub8IM",
      "cluster_name" : "elasticsearch",
      "cluster_uuid" : "7RLVGGnxR6qHbV9mYqA_mg",
      "version" : {
        "number" : "6.6.2",
        "build_flavor" : "default",
        "build_type" : "deb",
        "build_hash" : "3bd3e59",
        "build_date" : "2019-03-06T15:16:26.864148Z",
        "build_snapshot" : false,
        "lucene_version" : "7.6.0",
        "minimum_wire_compatibility_version" : "5.6.0",
        "minimum_index_compatibility_version" : "5.0.0"
      },
      "tagline" : "You Know, for Search"
    }

Installing Kibana from the .deb file
    wget https://artifacts.elastic.co/downloads/kibana/kibana-6.6.2-amd64.deb
    sudo dpkg -i kibana-6.6.2-amd64.deb
Register the service with the system, start it, and check its status
    sudo systemctl enable kibana.service
    sudo systemctl start kibana.service
    sudo systemctl status kibana.service

Verifying the Kibana installation
    curl -v 220.69.209.12:5601
    * Rebuilt URL to: localhost:5601/
    *   Trying 127.0.0.1...
    * TCP_NODELAY set
    * Connected to localhost (127.0.0.1) port 5601 (#0)
    > GET / HTTP/1.1
    > Host: localhost:5601
    > User-Agent: curl/7.58.0
    > Accept: */*
    >
    < HTTP/1.1 302 Found
    < location: /app/kibana
    < kbn-name: kibana
    < kbn-xpack-sig: 292ada877125f67092b9a6a4b59b08ca
    < content-type: text/html; charset=utf-8
    < cache-control: no-cache
    < content-length: 0
    < connection: close
    < Date: Tue, 26 Mar 2019 02:11:00 GMT
    <
    * Closing connection 0

Installing Logstash
    wget https://artifacts.elastic.co/downloads/logstash/logstash-6.6.2.deb
    sudo dpkg -i logstash-6.6.2.deb
Register the service with the system, start it, and check its status
    sudo systemctl enable logstash.service
    sudo systemctl start logstash.service
    sudo systemctl status logstash.service

Installing Filebeat
    wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.6.2-x86_64.rpm
    sudo rpm -vi filebeat-6.6.2-x86_64.rpm
Register the service with the system, start it, and check its status
    sudo systemctl enable filebeat.service
    sudo systemctl start filebeat.service
    sudo systemctl status filebeat.service

Editing the Elasticsearch configuration file
    sudo vi /etc/elasticsearch/elasticsearch.yml
Set the IP address that Elasticsearch binds to
    network.host: 0.0
Restart the service
    sudo systemctl restart elasticsearch.service
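
Changing network.host away from its loopback default, as on the slide above, makes port 9200 reachable from other machines. The script below is an added example, not part of the original slides: it reads an elasticsearch.yml and reports whether the node is loopback-only or network-reachable and whether xpack.security.enabled is set to true; the function names, verdict strings and sample configs are constructed for illustration.

```bash
# Added example (not from the slides): classify the bind setting of an
# elasticsearch.yml. Function names and verdict strings are made up here.

# Print the last top-level value of <key> in <file>, comments and quotes stripped.
yml_get() {  # usage: yml_get <file> <key>
    awk -v k="$2" '
        index($0, k) == 1 {
            v = substr($0, length(k) + 1)
            if (v !~ /^[ \t]*:/) next       # a longer key such as network.hostname
            sub(/^[ \t]*:[ \t]*/, "", v)
            sub(/[ \t]+#.*$/, "", v)        # trailing comment
            gsub(/[ \t\r"]/, "", v)         # whitespace, CR, double quotes
            out = v
        }
        END { print out }' "$1" | tr -d "'"
}

# Verdicts:
#   loopback         reachable only from the host itself (the default when unset)
#   exposed-auth     reachable from the network, xpack.security.enabled: true
#   exposed-no-auth  reachable from the network, xpack.security.enabled not true
audit_es_bind() {  # usage: audit_es_bind <file>
    host=$(yml_get "$1" network.host)
    sec=$(yml_get "$1" xpack.security.enabled)
    case "$host" in
        ""|_local_|localhost|127.*|::1) echo loopback; return 0 ;;
    esac
    if [ "$sec" = "true" ]; then echo exposed-auth; else echo exposed-no-auth; fi
}

# Constructed sample configs, written to a temporary directory.
demo_dir=$(mktemp -d)
printf '%s\n' '#network.host: 192.168.0.1' 'http.port: 9200' > "$demo_dir/default.yml"
printf '%s\n' 'network.host : 0.0.0.0   # all interfaces' > "$demo_dir/open.yml"
printf '%s\n' 'network.host: "192.168.0.10"' 'xpack.security.enabled: true' \
    > "$demo_dir/auth.yml"

for f in default open auth; do
    printf '%-8s %s\n' "$f" "$(audit_es_bind "$demo_dir/$f.yml")"
done
```

This check only reads the file; repeating the curl request from the install-check slide from a second host shows what is actually reachable.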

Questions?
Please contact: Kim Ik-hwan (김익환), Department of Computer Science, Soonchunhyang University, Multimedia Building M606
Email: dlrghks2090@naver.com
- Slides: 15