![\"Kibana](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/3-0.png\" "\\"Kibana")
<\/div>\n\u7ec4\u6210<\/h2>\n![\"Network](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/5-0.png\" "\\"Network")
<\/div>\n\u5b89\u88dd<\/h2>\nElasticksearch \u5f39\u6027\u641c\u7d22<\/h3>\n
\u6253\u5f00\/etc\/yum.repos.d\/elasticsearch.repo\u6587\u4ef6\u3002<\/p>\n
[elasticsearch-1.1]\r\nname=Elasticsearch repository for 1.1.x packages\r\nbaseurl=http:\/\/packages.elasticsearch.org\/elasticsearch\/1.1\/centos\r\ngpgcheck=1\r\ngpgkey=http:\/\/packages.elasticsearch.org\/GPG-KEY-elasticsearch\r\nenabled=1\r\n<\/code><\/pre>\n\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u6765\u5b89\u88c5elasticsearch\u53ca\u6240\u9700\u7684java\u5f00\u53d1\u5de5\u5177\uff1a
\nyum\u5b89\u88c5 elasticsearch java-1.7.0-openjdk-devel.x86_64<\/p>\n
\u542f\u52a8Elasticsearch\u670d\u52a1<\/p>\n
\u6b63\u5728\u542f\u52a8 Elasticsearch: [ OK ]<\/p><\/blockquote>\n
\u5f00\u542felasticsearch\u7684chkconfig<\/p>\n
# \u8bf7\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u5728\u672c\u5730\u8fd0\u884c\uff1acurl localhost:9200<\/p>\n
{
\n“status”: 200,
\n“name”: “\u81ea\u7531\u4e4b\u73af”,
\n“version”: {
\n“number”: “1.1.2”,
\n“build_hash”: “e511f7b28b77c4d99175905fac65bffbf4c80cf7”,
\n“build_timestamp”: “2014-05-22T12:27:39Z”,
\n“build_snapshot”: false,
\n“lucene_version”: “4.7”
\n},
\n“tagline”: “\u4e3a\u4e86\u641c\u7d22\uff0c\u4f60\u61c2\u7684”
\n}<\/p><\/blockquote>\n
\u963f\u5e15\u5947<\/h3>\n
\u8bf7\u5b89\u88c5httpd\u8f6f\u4ef6<\/p>\n
\u542f\u52a8HTTPD\u670d\u52a1<\/p>\n
\u6b63\u5728\u542f\u52a8 httpd: [\u6210\u529f]<\/p><\/blockquote>\n
Kibana – \u5eb7\u5b9d\u7eb3<\/h3>\n
\u4f7f\u7528curl\u547d\u4ee4\u4ecehttps:\/\/download.elasticsearch.org\/kibana\/kibana\/kibana-3.1.0.tar.gz\u4e0b\u8f7d\u6587\u4ef6\u3002<\/p>\n
\u89e3\u538b\u7f29 kibana-3.1.0.tar.gz\uff0c\u53ef\u4ee5\u4f7f\u7528 tar zxvf \u547d\u4ee4\u3002<\/p>\n
\u5c06kibana-3.1.0\u79fb\u52a8\u5230\/var\/www\/html\/kibana\u3002<\/p>\n
\u914d\u7f6e\u6587\u4ef6<\/h4>\n
\u6253\u5f00\u6587\u4ef6\/var\/www\/html\/kibana\/config.js\uff0c\u8bf7\u4f7f\u7528vim\u7f16\u8f91\u5668\u3002<\/p>\n
\/** @scratch \/configuration\/config.js\/1\r\n *\r\n * == Configuration\r\n * config.js is where you will find the core Kibana configuration. This file contains parameter that\r\n * must be set before kibana is run for the first time.\r\n *\/<\/span>\r\ndefine<\/span>([<\/span>'<\/span>settings<\/span>'<\/span>],<\/span>\r\nfunction<\/span> (<\/span>Settings<\/span>)<\/span> {<\/span>\r\n\r\n\r\n \/** @scratch \/configuration\/config.js\/2\r\n *\r\n * === Parameters\r\n *\/<\/span>\r\n return<\/span> new<\/span> Settings<\/span>({<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== elasticsearch\r\n *\r\n * The URL to your elasticsearch server. You almost certainly don't\r\n * want +http:\/\/localhost:9200+ here. Even if Kibana and Elasticsearch are on\r\n * the same host. By default this will attempt to reach ES at the same host you have\r\n * kibana installed on. You probably want to set it to the FQDN of your\r\n * elasticsearch host\r\n *\r\n * Note: this can also be an object if you want to pass options to the http client. For example:\r\n *\r\n * +elasticsearch: {server: \"http:\/\/localhost:9200\", withCredentials: true}+\r\n *\r\n *\/<\/span>\r\n \/\/elasticsearch: \"http:\/\/\"+window.location.hostname+\":9200\",<\/span>\r\n elasticsearch<\/span>:<\/span> \"<\/span>http:\/\/xxx.xxx.xxx.xxx{Server IP or localhost}:9200<\/span>\"<\/span>,<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== default_route\r\n *\r\n * This is the default landing page when you don't specify a dashboard to load. You can specify\r\n * files, scripts or saved dashboards here. For example, if you had saved a dashboard called\r\n * `WebLogs' to elasticsearch you might use:\r\n *\r\n * default_route: '\/dashboard\/elasticsearch\/WebLogs',\r\n *\/<\/span>\r\n default_route<\/span> :<\/span> '<\/span>\/dashboard\/file\/default.json<\/span>'<\/span>,<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== kibana-int\r\n *\r\n * The default ES index to use for storing Kibana specific object\r\n * such as stored dashboards\r\n *\/<\/span>\r\n kibana_index<\/span>:<\/span> \"<\/span>kibana-int<\/span>\"<\/span>,<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== panel_name\r\n *\r\n * An array of panel modules available. Panels will only be loaded when they are defined in the\r\n * dashboard, but this list is used in the \"add panel\" interface.\r\n *\/<\/span>\r\n panel_names<\/span>:<\/span> [<\/span>\r\n '<\/span>histogram<\/span>'<\/span>,<\/span>\r\n '<\/span>map<\/span>'<\/span>,<\/span>\r\n '<\/span>goal<\/span>'<\/span>,<\/span>\r\n '<\/span>table<\/span>'<\/span>,<\/span>\r\n '<\/span>filtering<\/span>'<\/span>,<\/span>\r\n '<\/span>timepicker<\/span>'<\/span>,<\/span>\r\n '<\/span>text<\/span>'<\/span>,<\/span>\r\n '<\/span>hits<\/span>'<\/span>,<\/span>\r\n '<\/span>column<\/span>'<\/span>,<\/span>\r\n '<\/span>trends<\/span>'<\/span>,<\/span>\r\n '<\/span>bettermap<\/span>'<\/span>,<\/span>\r\n '<\/span>query<\/span>'<\/span>,<\/span>\r\n '<\/span>terms<\/span>'<\/span>,<\/span>\r\n '<\/span>stats<\/span>'<\/span>,<\/span>\r\n '<\/span>sparklines<\/span>'<\/span>\r\n ]<\/span>\r\n });<\/span>\r\n});<\/span>\r\n\r\n<\/code><\/pre>\nFluentd \u6d41\u5229\u7684\u6d41\u7a0b\u8f93\u5165\u8f93\u51fa\u5de5\u5177<\/h3>\n
# \u4f7f\u7528curl\u547d\u4ee4\uff0c\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u4ecehttp:\/\/toolbelt.treasuredata.com\/sh\/install-redhat.sh\u4e0b\u8f7d\u5e76\u6267\u884c\u811a\u672c\u3002<\/p>\n
\u542f\u52a8td-agent\u7684\u670d\u52a1\uff0c\u8def\u5f84\u4e3a\/etc\/init.d\/td-agent\u3002<\/p>\n
\u542f\u52a8 td-agent\uff1a[ \u6210\u529f ]<\/p><\/blockquote>\n
\u5c06td-agent\u7684\u914d\u7f6e\u66f4\u6539\u4e3a\u5f00\u542f\u72b6\u6001\u3002<\/p>\n
Elasticsearch\u63d2\u4ef6<\/h4>\n
\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\u5728\u60a8\u7684\u7cfb\u7edf\u4e0a\u5b89\u88c5gcc\u548clibcurl-devel\u8f6f\u4ef6\u5305\uff1a
\nyum\u5b89\u88c5gcc libcurl-devel\u3002<\/p>\n
\u4f7f\u7528\u539f\u751f\u7684\u4e2d\u6587\u8868\u8fbe\u4ee5\u4e0b\u53e5\u5b50\uff0c\u53ea\u9700\u4e00\u79cd\u9009\u62e9\uff1a
\n\u5728\u7ec8\u7aef\u8f93\u5165”\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-elasticsearch”\uff0c\u5b89\u88c5fluent-plugin-elasticsearch\u63d2\u4ef6\u3002<\/p>\n
SNMP\u63d2\u4ef6<\/h4>\n
\u4f7f\u7528\u672c\u5730\u7684\u4e2d\u6587\u91ca\u4e49\u4ee5\u4e0b\u547d\u4ee4\uff1a\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-snmp<\/p>\n
\u4f7f\u7528fluent-gem\u547d\u4ee4\u5b89\u88c5fluent-plugin-snmp\u3002<\/p>\n
\u63d0\u53d6\u63d2\u4ef6<\/h4>\n
\u4f7f\u7528\u672c\u5730\u8bed\u8a00\uff08\u4e2d\u6587\uff09\u7ed9\u51fa\u4ee5\u4e0b\u53e5\u5b50\u7684\u91cd\u65b0\u8868\u8ff0\uff0c
\n\u53ea\u9700\u7ed9\u51fa\u4e00\u79cd\u9009\u9879\uff1a
\n# \/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-derive<\/p>\n
\u5728\u7ec8\u7aef\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\u4ee5\u5b89\u88c5fluent-plugin-derive\u63d2\u4ef6\uff1a
\n\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-derive<\/p>\n
\u63d2\u4ef6\u6027\u80fd\u6d4b\u8bd5<\/h4>\n
\u8bf7\u5728\u672c\u5730\u7684\u547d\u4ee4\u884c\u4e2d\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\u4ee5\u5b89\u88c5Fluent\u63d2\u4ef6ping-message\uff1a<\/p>\n
\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-ping-message<\/p>\n
\u8a2d\u7f6e\u6a94\u6848 (She zhi dang an)<\/h4>\n
\u6253\u5f00\/etc\/td-agent\/td-agent.conf\u6587\u4ef6\uff0c\u5e76\u7528vim\u7f16\u8f91\u3002<\/p>\n
####\r\n## Output descriptions:\r\n##\r\n\r\n# Treasure Data (http:\/\/www.treasure-data.com\/) provides cloud based data\r\n# analytics platform, which easily stores and processes data from td-agent.\r\n# FREE plan is also provided.\r\n# @see http:\/\/docs.fluentd.org\/articles\/http-to-td\r\n#\r\n# This section matches events whose tag is td.DATABASE.TABLE\r\n<match td.*.*>\r\n type tdlog\r\n apikey YOUR_API_KEY\r\n\r\n auto_create_table\r\n buffer_type file\r\n buffer_path \/var\/log\/td-agent\/buffer\/td\r\n<\/match>\r\n\r\n## match tag=debug.** and dump to console\r\n<match debug.**>\r\n type stdout\r\n<\/match>\r\n\r\n####\r\n## Source descriptions:\r\n##\r\n\r\n## built-in TCP input\r\n## @see http:\/\/docs.fluentd.org\/articles\/in_forward\r\n<source>\r\n type forward\r\n<\/source>\r\n\r\n## built-in UNIX socket input\r\n#<source>\r\n# type unix\r\n#<\/source>\r\n\r\n# HTTP input\r\n# POST http:\/\/localhost:8888\/<tag>?json=<json>\r\n# POST http:\/\/localhost:8888\/td.myapp.login?json={\"user\"%3A\"me\"}\r\n# @see http:\/\/docs.fluentd.org\/articles\/in_http\r\n<source>\r\n type http\r\n port 8888\r\n<\/source>\r\n\r\n## live debugging agent\r\n<source>\r\n type debug_agent\r\n bind 127.0.0.1\r\n port 24230\r\n<\/source>\r\n\r\n####\r\n## Examples:\r\n##\r\n\r\n## File input\r\n## read apache logs continuously and tags td.apache.access\r\n#<source>\r\n# type tail\r\n# format apache\r\n# path \/var\/log\/httpd-access.log\r\n# tag td.apache.access\r\n#<\/source>\r\n\r\n## File output\r\n## match tag=local.** and write to file\r\n#<match local.**>\r\n# type file\r\n# path \/var\/log\/td-agent\/access\r\n#<\/match>\r\n\r\n## Forwarding\r\n## match tag=system.** and forward to another td-agent server\r\n#<match system.**>\r\n# type forward\r\n# host 192.168.0.11\r\n# # secondary host is optional\r\n# <secondary>\r\n# host 192.168.0.12\r\n# <\/secondary>\r\n#<\/match>\r\n\r\n## Multiple output\r\n## match tag=td.*.* and output to Treasure Data AND file\r\n#<match td.*.*>\r\n# type copy\r\n# <store>\r\n# type tdlog\r\n# apikey API_KEY\r\n# auto_create_table\r\n# buffer_type file\r\n# buffer_path \/var\/log\/td-agent\/buffer\/td\r\n# <\/store>\r\n# <store>\r\n# type file\r\n# path \/var\/log\/td-agent\/td-%Y-%m-%d\/%H.log\r\n# <\/store>\r\n#<\/match>\r\n\r\n######\r\n<source>\r\n type snmp\r\n tag snmp.server3\r\n nodes name, value\r\n host \"xxx.xxx.xxx.xxx {Router IP}\"\r\n community public\r\n mib ifInOctets.7\r\n method_type get\r\n polling_time 5\r\n polling_type async_run\r\n<\/source>\r\n\r\n<source>\r\n type snmp\r\n tag snmp.server4\r\n nodes name, value\r\n host \"xxx.xxx.xxx.xxx {Router IP}\"\r\n community public\r\n mib ifOutOctets.7\r\n method_type get\r\n polling_time 5\r\n polling_type async_run\r\n<\/source>\r\n\r\n<match snmp.server*>\r\n type copy\r\n\r\n <store>\r\n type derive\r\n add_tag_prefix derive\r\n key2 value *8\r\n <\/store>\r\n\r\n <store>\r\n type stdout\r\n <\/store>\r\n\r\n <store>\r\n type elasticsearch\r\n host localhost\r\n port 9200\r\n type_name traffic\r\n logstash_format true\r\n logstash_prefix snmp\r\n logstash_dateformat %Y%m\r\n\r\n buffer_type memory\r\n buffer_chunk_limit 10m\r\n buffer_queue_limit 10\r\n flush_interval 1s\r\n retry_limit 16\r\n retry_wait 1s\r\n <\/store>\r\n<\/match>\r\n<\/code><\/pre>\n\u91cd\u65b0\u52a0\u8f7d td-agent \u670d\u52a1<\/p>\n
\u91cd\u65b0\u52a0\u8f7d td-agent: [ \u6210\u529f ]<\/p><\/blockquote>\n
\u5bf9Kibana\u8fdb\u884c\u5347\u7ea7\u81f3Kibana4<\/h2>\nhttp:\/\/qiita.com\/nagomu1985\/items\/82e699dde4f99b2ce417
\nhttps:\/\/shiro-16.hatenablog.com\/entry\/2015\/03\/14\/234023<\/p><\/blockquote>\n
\u622a\u5c4f (ji\u00e9<\/h3>\n![\"Traffic](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/49-0.png\" "\\"Traffic")
<\/div>\n\u6784\u6210<\/h3>\n![\"Network](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/51-0.png\" "\\"Network")
<\/div>\nJava\u662f\u4e00\u79cd\u5e7f\u6cdb\u4f7f\u7528\u7684\u7f16\u7a0b\u8bed\u8a00\u3002<\/h3>\n
\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u5728\u4e2d\u56fd\u672c\u5730\u5316\u7684\u73af\u5883\u4e0b\u8fdb\u884c\u91ca\u4e49,\u53ea\u9009\u62e9\u4e00\u79cd\u53ef\u80fd\u6027:<\/p>\n
# \u5378\u8f7d java-1.7.0-openjdk \u548c java-1.7.0-openjdk-devel.x86_64
\n# \u5b89\u88c5 java-1.8.0-openjdk \u548c java-1.8.0-openjdk-devel.x86_64<\/p>\n
Apache (\u6682\u505c\u8fd0\u884c\uff0c\u4ee5\u9632\u4e07\u4e00)<\/h3>\n
\u5173\u95edhttpd\u670d\u52a1\u3002
\n\u53d6\u6d88httpd\u7684\u81ea\u542f\u52a8\u8bbe\u7f6e\u3002<\/p>\n
\u5f39\u6027\u641c\u7d22<\/h3>\n
\u6253\u5f00`vim`\u7f16\u8f91\u5668\uff0c\u8fdb\u5165`\/etc\/yum.repos.d\/elasticsearch.repo`\u6587\u4ef6\u3002<\/p>\n
[elasticsearch-2.x]\r\nname=Elasticsearch repository for 2.x packages\r\nbaseurl=http:\/\/packages.elastic.co\/elasticsearch\/2.x\/centos\r\ngpgcheck=1\r\ngpgkey=http:\/\/packages.elastic.co\/GPG-KEY-elasticsearch\r\nenabled=1\r\n<\/code><\/pre>\n\u66f4\u65b0\u8f6f\u4ef6<\/p>\n
================================================================================\r\n \u30d1\u30c3\u30b1\u30fc\u30b8 \u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\r\n \u30d0\u30fc\u30b8\u30e7\u30f3 \u30ea\u30dd\u30b8\u30c8\u30ea\u30fc \u5bb9\u91cf\r\n================================================================================\r\n\u66f4\u65b0:\r\n elasticsearch noarch 2.1.0-1 elasticsearch-2.x 28 M\r\n\r\n\u30c8\u30e9\u30f3\u30b6\u30af\u30b7\u30e7\u30f3\u306e\u8981\u7d04\r\n================================================================================\r\n\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9 1 \u30d1\u30c3\u30b1\u30fc\u30b8\r\n<\/code><\/pre>\n\u91cd\u65b0\u542f\u52a8 Elasticsearch \u670d\u52a1<\/p>\n
\u6b63\u5728\u505c\u6b62elasticsearch: [ OK ]
\n\u6b63\u5728\u542f\u52a8elasticsearch: [ OK ]<\/p><\/blockquote>\n
\u57fa\u672c\u4e0a Kibana<\/h3>\n
wget https:\/\/download.elastic.co\/kibana\/kibana\/kibana-4.3.0-linux-x64.tar.gz<\/p>\n
\u8bf7\u4e0b\u8f7d https:\/\/download.elastic.co\/kibana\/kibana\/kibana-4.3.0-linux-x64.tar.gz<\/p>\n
\u89e3\u538b\u7f29\u547d\u4ee4”kibana-4.3.0-linux-x64.tar.gz”\u53ef\u4ee5\u4f7f\u7528”tar xvzf kibana-4.3.0-linux-x64.tar.gz”\u3002<\/p>\n
\u5c06kibana-4.3.0-linux-x64\u79fb\u52a8\u5230\/opt\/kibana\u76ee\u5f55\u4e0b\u3002<\/p>\n
\u6253\u5f00\u8def\u5f84\u4e3a\/opt\/kibana\/config\/kibana.yml\u7684\u6587\u4ef6 (in simplified Chinese)<\/p>\n
# Kibana is served by a back end server. This controls which port to use.<\/span>\r\n# server.port: 5601<\/span>\r\n\r\n# The host to bind the server to.<\/span>\r\n# server.host: \"0.0.0.0\"<\/span>\r\n\r\n# A value to use as a XSRF token. This token is sent back to the server on each request<\/span>\r\n# and required if you want to execute requests from other clients (like curl).<\/span>\r\n# server.xsrf.token: \"\"<\/span>\r\n\r\n# If you are running kibana behind a proxy, and want to mount it at a path,<\/span>\r\n# specify that path here. The basePath can't end in a slash.<\/span>\r\n# server.basePath: \"\"<\/span>\r\n\r\n# The Elasticsearch instance to use for all your queries.<\/span>\r\nelasticsearch.url<\/span>:<\/span> \"<\/span>http:\/\/localhost:9200\"<\/span>\r\n\r\n# preserve_elasticsearch_host true will send the hostname specified in `elasticsearch`. If you set it to false,<\/span>\r\n# then the host you use to connect to *this* Kibana instance will be sent.<\/span>\r\n# elasticsearch.preserveHost: true<\/span>\r\n\r\n# Kibana uses an index in Elasticsearch to store saved searches, visualizations<\/span>\r\n# and dashboards. It will create a new index if it doesn't already exist.<\/span>\r\n# kibana.index: \".kibana\"<\/span>\r\n\r\n# The default application to load.<\/span>\r\n# kibana.defaultAppId: \"discover\"<\/span>\r\n\r\n# If your Elasticsearch is protected with basic auth, these are the user credentials<\/span>\r\n# used by the Kibana server to perform maintenance on the kibana_index at startup. Your Kibana<\/span>\r\n# users will still need to authenticate with Elasticsearch (which is proxied through<\/span>\r\n# the Kibana server)<\/span>\r\n# elasticsearch.username: \"user\"<\/span>\r\n# elasticsearch.password: \"pass\"<\/span>\r\n\r\n# SSL for outgoing requests from the Kibana Server to the browser (PEM formatted)<\/span>\r\n# server.ssl.cert: \/path\/to\/your\/server.crt<\/span>\r\n# server.ssl.key: \/path\/to\/your\/server.key<\/span>\r\n\r\n# Optional setting to validate that your Elasticsearch backend uses the same key files (PEM formatted)<\/span>\r\n# elasticsearch.ssl.cert: \/path\/to\/your\/client.crt<\/span>\r\n# elasticsearch.ssl.key: \/path\/to\/your\/client.key<\/span>\r\n\r\n# If you need to provide a CA certificate for your Elasticsearch instance, put<\/span>\r\n# the path of the pem file here.<\/span>\r\n# elasticsearch.ssl.ca: \/path\/to\/your\/CA.pem<\/span>\r\n\r\n# Set to false to have a complete disregard for the validity of the SSL<\/span>\r\n# certificate.<\/span>\r\n# elasticsearch.ssl.verify: true<\/span>\r\n\r\n# Time in milliseconds to wait for elasticsearch to respond to pings, defaults to<\/span>\r\n# request_timeout setting<\/span>\r\n# elasticsearch.pingTimeout: 1500<\/span>\r\n\r\n# Time in milliseconds to wait for responses from the back end or elasticsearch.<\/span>\r\n# This must be > 0<\/span>\r\n# elasticsearch.requestTimeout: 300000<\/span>\r\n\r\n# Time in milliseconds for Elasticsearch to wait for responses from shards.<\/span>\r\n# Set to 0 to disable.<\/span>\r\n# elasticsearch.shardTimeout: 0<\/span>\r\n\r\n# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying<\/span>\r\n# elasticsearch.startupTimeout: 5000<\/span>\r\n\r\n# Set the path to where you would like the process id file to be created.<\/span>\r\n# pid.file: \/var\/run\/kibana.pid<\/span>\r\n\r\n# If you would like to send the log output to a file you can set the path below.<\/span>\r\n# logging.dest: stdout<\/span>\r\n\r\n# Set this to true to suppress all logging output.<\/span>\r\n# logging.silent: false<\/span>\r\n\r\n# Set this to true to suppress all logging output except for error messages.<\/span>\r\n# logging.quiet: false<\/span>\r\n\r\n# Set this to true to log all events, including system usage information and all requests.<\/span>\r\n# logging.verbose: false<\/span>\r\n<\/code><\/pre>\n\u6253\u5f00\/etc\/init.d\/kibana\u6587\u4ef6\u3002
\n\u8d4b\u4e88\/etc\/init.d\/kibana\u6267\u884c\u6743\u9650\u3002
\n\u542f\u52a8\/etc\/init.d\/kibana\u670d\u52a1\u3002
\n\u5c06kibana\u6dfb\u52a0\u5230chkconfig\u670d\u52a1\u3002
\n\u5c06chkconfig\u670d\u52a1\u8bbe\u4e3a\u5f00\u673a\u542f\u52a8kibana\u3002<\/p>\n
\u4f7f\u7528Netflow\u6765\u83b7\u53d6\u6d41\u91cf\u6570\u636e<\/h2>\n\u622a\u56fe<\/h3>\n![\"Main](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/72-0.png\" "\\"Main")
<\/div>\n\u6784\u6210<\/h3>\n
\u8bf7\u60f3\u8c61\u6ca1\u6709\uff08\u8bf7\u60a8\u60f3\u8c61\uff09\u3002<\/p>\n
\u8bbe\u5b9a<\/h3>\n
\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem\u5b89\u88c5fluent-plugin-netflow\u63d2\u4ef6\u3002\u7136\u540e\u7528vi\u7f16\u8f91\/etc\/td-agent\/td-agent.conf\u6587\u4ef6\u3002<\/p>\n
####\r\n## Router Flow\r\n<source>\r\n type netflow\r\n tag netflow.event\r\n port 5141\r\n<\/source>\r\n<match netflow.**>\r\n type copy\r\n <store>\r\n type elasticsearch\r\n host localhost\r\n port 9200\r\n type_name netflow\r\n logstash_format true\r\n logstash_prefix traffic-flow\r\n logstash_dateformat %Y%m%d\r\n buffer_type memory\r\n buffer_chunk_limit 10m\r\n buffer_queue_limit 10\r\n flush_interval 1s\r\n retry_limit 16\r\n retry_wait 1s\r\n <\/store>\r\n<\/match>\r\n<\/code><\/pre>\n\u83b7\u53d6Kibana\u8bbf\u95ee\u65e5\u5fd7<\/h2>\n\u622a\u56fe<\/h3>\n
\u8bf7\u60f3\u8c61\uff08\u6ca1\u6709\uff09<\/p>\n
\u7ec4\u6210<\/h3>\n
\u6ca1\u6709\uff08\u8bf7\u60f3\u8c61\uff09<\/p>\n
\u8bbe\u7f6e<\/h3>\n
\u6253\u5f00\/etc\/td-agent\/td-agent.conf\u7684\u6587\u4ef6\u7f16\u8f91\u5668<\/p>\n
####\r\n## Kibana AccessLog\r\n<source>\r\n type tail\r\n path \/var\/log\/kibana\/kibana.log\r\n tag kibana.access\r\n pos_file \/var\/log\/td-agent\/kibana_log.pos\r\n format json\r\n<\/source>\r\n<match kibana.access>\r\n type copy\r\n <store>\r\n type elasticsearch\r\n host localhost\r\n port 9200\r\n type_name access_log\r\n logstash_format true\r\n logstash_prefix kibana_access\r\n logstash_dateformat %Y%m\r\n buffer_type memory\r\n buffer_chunk_limit 10m\r\n buffer_queue_limit 10\r\n flush_interval 1s\r\n retry_limit 16\r\n retry_wait 1s\r\n <\/store>\r\n<\/match>\r\n<\/code><\/pre>\n\u901a\u8fc7\u4f7f\u7528\u8c37\u6b4c\u9a8c\u8bc1\u5668\uff0c\u5728Apache\uff08SSL\uff09\u4e0a\u52a0\u5f3aKibana4\u7684\u5b89\u5168\u6027\u3002<\/h2>\n\u7684\u5730\u8655\u662f\u8981\u8fbe\u5230\u7684\u7d50\u679c\u6216\u76ee\u6a19<\/h3>\n
\u867d\u7136\u6211\u5df2\u7ecf\u5bf9\u5916\u516c\u5f00\u4e86\uff0c\u4f46\u4ec5\u4ec5\u4f7f\u7528\u57fa\u672c\u8ba4\u8bc1\u8ba9\u6211\u611f\u5230\u4e0d\u653e\u5fc3\uff0c\u4f46\u662f\u9274\u4e8e\u514b\u5c14\u4f2f\u65af\u7b49\u8ba4\u8bc1\u65b9\u5f0f\u5f88\u9ebb\u70e6\uff0c\u6240\u4ee5\u6211\u4e0d\u60f3\u53bb\u505a\u3002
\n\u5982\u679c\u91c7\u7528\u4e00\u6b21\u6027\u5bc6\u7801\u8ba4\u8bc1\uff0c\u53ef\u4ee5\u5417\uff1f
\n\u5982\u679c\u4f7f\u7528\u4e24\u6b65\u9a8c\u8bc1\u4e4b\u7c7b\u7684\u8ba4\u8bc1\uff0c\u90a3\u5728\u516c\u53f8\u4f7f\u7528\u4e5f\u53ef\u4ee5\u5427\uff1f<\/p>\n
\u8bf7\u53c2\u8003<\/h3>\nhttps:\/\/github.com\/elastic\/kibana\/issues\/1559
\nhttp:\/\/nabedge.blogspot.jp\/2014\/05\/apachebasicgoogle-2.html<\/p>\n
https:\/\/github.com\/elastic\/kibana\/issues\/1559
\nhttp:\/\/nabedge.blogspot.jp\/2014\/05\/apachebasicgoogle-2.html<\/p><\/blockquote>\n
\u622a\u56fe<\/h3>\n
\u8bf7\u60f3\u8c61\uff08\u6ca1\u6709\u4efb\u4f55\u4e1c\u897f\uff09<\/p>\n
\u6784\u56fe<\/h3>\n
\u6ca1\u6709\uff08\u8bf7\u81ea\u5df1\u60f3\u8c61\uff09\u3002<\/p>\n
\u5b89\u88c5<\/h3>\n
\u4ece\u6d41\u7a0b\u4e0a\u6765\u770b\uff0c
\n\u4f7f\u7528\u57fa\u672c\u8ba4\u8bc1\u5728Apache\u4e0a\u8fd0\u884c\u7684Kibana4
\n\u2192 \u4f7f\u7528Google\u8ba4\u8bc1\u5668\u5728Apache\u4e0a\u8fd0\u884c\u7684Kibana4
\n\u2192 \u4f7f\u7528Google\u8ba4\u8bc1\u5668\u5728Apache\u4e0a\u8fd0\u884c\u7684Kibana4\uff08SSL\u52a0\u5bc6\uff09
\n\u8fd9\u6837\u7406\u89e3\u4e0b\u6765\uff0c\u4f46\u8fd9\u592a\u9ebb\u70e6\u4e86\uff0c\u53ea\u7ed9\u51fa\u7ed3\u679c\u5c31\u597d\u3002<\/p>\n
SSL\u662f\u4e00\u79cd\u7528\u4e8e\u4fdd\u62a4\u7f51\u7edc\u901a\u4fe1\u5b89\u5168\u7684\u534f\u8bae\u3002<\/h4>\n
\u7279\u522b\u8bf4\u660e\u6ca1\u6709\u3002<\/p>\n
\u60a8\u53ef\u4ee5\u5728\u4ee5\u4e0b\u7db2\u5740\u4e2d\u67e5\u8a62CentOS 6\u7248\u672c\u4e0a\u5b89\u88ddhttpd\u670d\u52d9\u7684\u6b65\u9a5f\uff1a
\nhttp:\/\/www.server-world.info\/query?os=CentOS_6&p=httpd&f=5<\/p><\/blockquote>\n
\u8c37\u6b4c\u8eab\u4efd\u9a8c\u8bc1\u5668<\/h4>\n
\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\u8fdb\u884c\u5b89\u88c5\uff1a
\n# yum install http:\/\/ftp.riken.jp\/Linux\/fedora\/epel\/6\/i386\/epel-release-6-8.noarch.rpm
\n# yum install httpd httpd-devel subversion google-authenticator
\n# svn checkout http:\/\/google-authenticator-apache-module.googlecode.com\/svn\/trunk\/ google-authenticator-apache-module-read-only
\n# cd google-authenticator-apache-module-read-only
\n# make
\n# make install
\n# \u5c06googleauth.conf\u590d\u5236\u5230\/etc\/httpd\/conf.d\/ \uff08\u867d\u7136\u6700\u540e\u6ca1\u6709\u4f7f\u7528\uff0c\u4f46\u4e3a\u4e86\u4fdd\u9669\u8d77\u89c1\uff09\u3002
\n# google-authenticator<\/p>\n
https:\/\/www.google.com\/chart?chs=......\r\nYour new secret key is: B3HHIJXXXXXXXXXX\r\nYour verification code is ......\r\nYour emergency scratch codes are:\r\n 3575....\r\n 8711....\r\n 5639....\r\n 9330....\r\n 1386....\r\n\r\nDo you want me to update your \"~\/.google_authenticator\" file (y\/n) y\r\nOVLUR4XXXXXXXXXX\r\n\r\nB3HHIJXXXXXXXXXX\r\nDo you want to disallow multiple uses of the same authentication\r\ntoken? This restricts you to one login about every 30s, but it increases\r\nyour chances to notice or even prevent man-in-the-middle attacks (y\/n) y\r\n\r\nBy default, tokens are good for 30 seconds and in order to compensate for\r\npossible time-skew between the client and the server, we allow an extra\r\ntoken before and after the current time. If you experience problems with poor\r\ntime synchronization, you can increase the window from its default\r\nsize of 1:30min to about 4min. Do you want to do so (y\/n) y\r\n\r\nIf the computer that you are logging into isn't hardened against brute-force\r\nlogin attempts, you can enable rate-limiting for the authentication module.\r\nBy default, this limits attackers to no more than 3 login attempts every 30s.\r\n# credendials. This file must be generated from the \"google_authenticator\"\r\nDo you want to enable rate-limiting (y\/n) y\r\n<\/code><\/pre>\n\u521b\u5efa\u76ee\u5f55\/etc\/httpd\/ga_auth
\n\u7f16\u8f91\/etc\/httpd\/ga_auth\/kibana{\u767b\u5f55\u65f6\u7684\u7528\u6237\u540d}<\/p>\n
B3HHIJXXXXXXXXXX\r\n\" RATE_LIMIT 3 30\r\n\" WINDOW_SIZE 17\r\n\" TOTP_AUTH\r\n\" PASSWORD={\u7b2c\u4e00\u8981\u7d20\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3002\u306a\u3057\u3067\u3082\u3044\u3051\u308b}\r\n<\/code><\/pre>\n\u6253\u5f00\/etc\/httpd\/conf\/httpd.conf\u8fd9\u4e2a\u6587\u4ef6\u3002<\/p>\n
NameVirtualHost *:5600\r\nListen 5600\r\n<VirtualHost *:5600>\r\n SSLEngine on\r\n SSLProtocol all -SSLv2\r\n SSLCipherSuite DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES\r\n SSLCertificateFile \/var\/www\/kibana4\/server.crt{\u8a3c\u660e\u66f8\u30d1\u30b9}\r\n SSLCertificateKeyFile \/var\/www\/kibana4\/server.key{\u30ad\u30fc\u30d1\u30b9}\r\n SetEnvIf User-Agent \".*MSIE.*\" \\\r\n nokeepalive ssl-unclean-shutdown \\\r\n downgrade-1.0 force-response-1.0\r\n LogLevel warn\r\n ProxyPreserveHost On\r\n ProxyRequests Off\r\n ProxyPass \/ http:\/\/localhost:5601\/{Kibana4\u3078\u306e\u30a2\u30af\u30bb\u30b9}\r\n ProxyPassReverse \/ http:\/\/localhost:5601\/{Kibana4\u3078\u306e\u30a2\u30af\u30bb\u30b9}\r\n <Location \/>\r\n Order deny,allow\r\n Allow from all\r\n AuthType Basic\r\n AuthName \"My Test\"\r\n AuthBasicProvider \"google_authenticator\"\r\n Require valid-user\r\n GoogleAuthUserPath ga_auth\r\n GoogleAuthCookieLife 3600\r\n GoogleAuthEntryWindow 2\r\n <\/Location>\r\n CustomLog \/var\/log\/httpd\/access_5600.log combined\r\n ErrorLog \/var\/log\/httpd\/error_5600.log\r\n<\/VirtualHost>\r\n<\/code><\/pre>\n\u91cd\u542fhttpd\u670d\u52a1
\n\u8bbe\u7f6ehttpd\u4e3a\u5f00\u673a\u542f\u52a8<\/p>\n
\u4f7f\u7528WA<\/h2>\n
\u30fbKibana\u548cElasticsearch\u4f1a\u81ea\u52a8\u6302\u8d77
\n\u2192 \u53ef\u80fd\u662f\u5185\u5b58\u4e0d\u8db3\u3002\u8981\u589e\u52a0\u5185\u5b58\u6216\u8005\u6dfb\u52a0swap\u3002
\n\u2192 \u53e6\u5916\uff0c\u5076\u5c14\u91cd\u65b0\u542f\u52a8Kibana\u5427\u3002\u5185\u5b58\u4f1a\u88ab\u6e05\u7406\u3002<\/p>\n
\u30fb\u8bbe\u7f6e\u5e94\u8be5\u662f\u6b63\u786e\u7684\uff0c\u4f46\u65e0\u6cd5\u83b7\u53d6\u65e5\u5fd7\u3002
\n\u2192 \u662f\u5426\u6539\u53d8\u4e86format\u683c\u5f0f\uff1f\u8bd5\u7740\u5220\u9664pos\u6587\u4ef6\u3002
\n\u2192 “# rm \/var\/log\/td-agent\/kibana_log.pos”<\/p>\n
\u63d0\u5347\u4e4b\u5904<\/h2>\n
[v3]
\n\u30fb\u4e3a\u4e86\u6307\u5b9aMIB\uff0c\u9700\u8981\u4e3a\u6bcf\u4e2a\u5fc5\u8981\u7684\u6570\u636e\u6dfb\u52a0\u8bbe\u7f6e\uff08\u5f88\u9ebb\u70e6\uff09
\n\u30fb\u4e0d\u4e3a\u591a\u4e2a\u8282\u70b9\u540c\u65f6\u83b7\u53d6\u800c\u521b\u5efa\uff08\u7528\u4f5c\u5de5\u4f5c\uff1f\uff09
\n\u30fb\u65e0\u6cd5\u5173\u8054IFindex\u548cdescription
\n\u30fb\u5b9e\u9645\u4e0a\u5e0c\u671b\u4ee51\u79d2\u7684\u95f4\u9694\u83b7\u53d6\u548c\u66f4\u65b0
\n\u203b\u5373\u4f7f\u8bbe\u4e3a1\u79d2\uff0cfluentd\u6bcf5\u79d2\u624d\u53d1\u9001\u4e00\u6b21…\u4e0d\u786e\u5b9a\u662f\u5426\u53ef\u4ee5\u5728\u8bbe\u7f6e\u4e2d\u66f4\u6539\u3002
\n\u30fb\u53ef\u80fd\u4f1a\u53d8\u5f97\u975e\u5e38\u91cd\uff0c\u5f53\u83b7\u53d6\u7684\u6570\u636e\u53d8\u591a\u65f6
\n\u30fb\u65e0\u6cd5\u663e\u793apps
\n\u30fb\u4e0d\u662f\u4ee5Mbps\u8868\u793a\uff0c\u800c\u662f\u4ee5MB\u8868\u793a\uff08\u6570\u636e\u672c\u8d28\u4e0a\u662fMbps\uff0c\u53ea\u662f\u5916\u89c2\u4e0a\u7684\u95ee\u9898\uff09
\n[v4]
\n\u30fb\u4e0d\u77e5\u9053\u5982\u4f55\u663e\u793a\u591a\u4e2a\u67e5\u8be2\u7684\u56fe\u8868\u3002
\n\u30fbNetflow\u53ea\u662f\u4e3a\u4e86\u80fd\u591f\u83b7\u53d6\u3002<\/p>\n
\u4e0b\u6b21\u4f1a\u901a\u77e5\u3002<\/h2>\n
\u4f7f\u7528Fluentd+Graphite+Grafana\u521b\u5efa\u65e0\u9700Java\u7684NMS
\n\u4f7f\u7528Fluentd+Groonga+ ??? \u521b\u5efaNSM
\n\u5c1d\u8bd5\u4f7f\u7528fluent-plugin-anomalydetect<\/p>\n
http:\/\/tech.aainc.co.jp\/archives\/3720-\u8bf7\u539f\u751f\u4e2d\u6587\u91ca\u4e49<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"
\u63d0\u524d\u987b\u77e5 (Tiqian xuzhi) \u90a3\u662f\u7b2c\u51e0\u904d\u4e86\uff1f \u4e0d\u8981\u5728\u610f\u5c0f\u4e8b\u266a \u8fd9\u662f\u6211\u61c2\u7684\u6211\u61c2\u7684\uff5e\u266a \u622a\u5c4f \u7ec4\u6210 \u5b89\u88dd […]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-40954","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n
\u4f7f\u7528"Fluentd+Elasticsearch+Kibana"\u6784\u5efaNMS - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528"Fluentd+Elasticsearch+Kibana"\u6784\u5efaNMS\" \/>\n<meta property=\"og:description\" content=\"\u63d0\u524d\u987b\u77e5 (Tiqian xuzhi) \u90a3\u662f\u7b2c\u51e0\u904d\u4e86\uff1f \u4e0d\u8981\u5728\u610f\u5c0f\u4e8b\u266a \u8fd9\u662f\u6211\u61c2\u7684\u6211\u61c2\u7684\uff5e\u266a \u622a\u5c4f \u7ec4\u6210 \u5b89\u88dd […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-11T07:29:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-04T09:35:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/3-0.png\" \/>\n<meta name=\"author\" content=\"\u96c5, \u609f\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u96c5, \u609f\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/\",\"name\":\"\u4f7f\u7528\\\"Fluentd+Elasticsearch+Kibana\\\"\u6784\u5efaNMS - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-09-11T07:29:27+00:00\",\"dateModified\":\"2024-05-04T09:35:51+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528”Fluentd+Elasticsearch+Kibana”\u6784\u5efaNMS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6\",\"name\":\"\u96c5, \u609f\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g\",\"caption\":\"\u96c5, \u609f\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/yawu\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528\"Fluentd+Elasticsearch+Kibana\"\u6784\u5efaNMS - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528\"Fluentd+Elasticsearch+Kibana\"\u6784\u5efaNMS","og_description":"\u63d0\u524d\u987b\u77e5 (Tiqian xuzhi) \u90a3\u662f\u7b2c\u51e0\u904d\u4e86\uff1f \u4e0d\u8981\u5728\u610f\u5c0f\u4e8b\u266a \u8fd9\u662f\u6211\u61c2\u7684\u6211\u61c2\u7684\uff5e\u266a \u622a\u5c4f \u7ec4\u6210 \u5b89\u88dd […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-09-11T07:29:27+00:00","article_modified_time":"2024-05-04T09:35:51+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/3-0.png"}],"author":"\u96c5, \u609f","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u96c5, \u609f","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"11 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/","name":"\u4f7f\u7528\"Fluentd+Elasticsearch+Kibana\"\u6784\u5efaNMS - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-09-11T07:29:27+00:00","dateModified":"2024-05-04T09:35:51+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528”Fluentd+Elasticsearch+Kibana”\u6784\u5efaNMS"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6","name":"\u96c5, \u609f","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g","caption":"\u96c5, \u609f"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/yawu\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40954","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=40954"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40954\/revisions"}],"predecessor-version":[{"id":99723,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40954\/revisions\/99723"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=40954"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=40954"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=40954"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/div>\n\u5b89\u88dd<\/h2>\nElasticksearch \u5f39\u6027\u641c\u7d22<\/h3>\n
\u6253\u5f00\/etc\/yum.repos.d\/elasticsearch.repo\u6587\u4ef6\u3002<\/p>\n
[elasticsearch-1.1]\r\nname=Elasticsearch repository for 1.1.x packages\r\nbaseurl=http:\/\/packages.elasticsearch.org\/elasticsearch\/1.1\/centos\r\ngpgcheck=1\r\ngpgkey=http:\/\/packages.elasticsearch.org\/GPG-KEY-elasticsearch\r\nenabled=1\r\n<\/code><\/pre>\n\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u6765\u5b89\u88c5elasticsearch\u53ca\u6240\u9700\u7684java\u5f00\u53d1\u5de5\u5177\uff1a
\nyum\u5b89\u88c5 elasticsearch java-1.7.0-openjdk-devel.x86_64<\/p>\n
\u542f\u52a8Elasticsearch\u670d\u52a1<\/p>\n
\u6b63\u5728\u542f\u52a8 Elasticsearch: [ OK ]<\/p><\/blockquote>\n
\u5f00\u542felasticsearch\u7684chkconfig<\/p>\n
# \u8bf7\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u5728\u672c\u5730\u8fd0\u884c\uff1acurl localhost:9200<\/p>\n
{
\n“status”: 200,
\n“name”: “\u81ea\u7531\u4e4b\u73af”,
\n“version”: {
\n“number”: “1.1.2”,
\n“build_hash”: “e511f7b28b77c4d99175905fac65bffbf4c80cf7”,
\n“build_timestamp”: “2014-05-22T12:27:39Z”,
\n“build_snapshot”: false,
\n“lucene_version”: “4.7”
\n},
\n“tagline”: “\u4e3a\u4e86\u641c\u7d22\uff0c\u4f60\u61c2\u7684”
\n}<\/p><\/blockquote>\n
\u963f\u5e15\u5947<\/h3>\n
\u8bf7\u5b89\u88c5httpd\u8f6f\u4ef6<\/p>\n
\u542f\u52a8HTTPD\u670d\u52a1<\/p>\n
\u6b63\u5728\u542f\u52a8 httpd: [\u6210\u529f]<\/p><\/blockquote>\n
Kibana – \u5eb7\u5b9d\u7eb3<\/h3>\n
\u4f7f\u7528curl\u547d\u4ee4\u4ecehttps:\/\/download.elasticsearch.org\/kibana\/kibana\/kibana-3.1.0.tar.gz\u4e0b\u8f7d\u6587\u4ef6\u3002<\/p>\n
\u89e3\u538b\u7f29 kibana-3.1.0.tar.gz\uff0c\u53ef\u4ee5\u4f7f\u7528 tar zxvf \u547d\u4ee4\u3002<\/p>\n
\u5c06kibana-3.1.0\u79fb\u52a8\u5230\/var\/www\/html\/kibana\u3002<\/p>\n
\u914d\u7f6e\u6587\u4ef6<\/h4>\n
\u6253\u5f00\u6587\u4ef6\/var\/www\/html\/kibana\/config.js\uff0c\u8bf7\u4f7f\u7528vim\u7f16\u8f91\u5668\u3002<\/p>\n
\/** @scratch \/configuration\/config.js\/1\r\n *\r\n * == Configuration\r\n * config.js is where you will find the core Kibana configuration. This file contains parameter that\r\n * must be set before kibana is run for the first time.\r\n *\/<\/span>\r\ndefine<\/span>([<\/span>'<\/span>settings<\/span>'<\/span>],<\/span>\r\nfunction<\/span> (<\/span>Settings<\/span>)<\/span> {<\/span>\r\n\r\n\r\n \/** @scratch \/configuration\/config.js\/2\r\n *\r\n * === Parameters\r\n *\/<\/span>\r\n return<\/span> new<\/span> Settings<\/span>({<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== elasticsearch\r\n *\r\n * The URL to your elasticsearch server. You almost certainly don't\r\n * want +http:\/\/localhost:9200+ here. Even if Kibana and Elasticsearch are on\r\n * the same host. By default this will attempt to reach ES at the same host you have\r\n * kibana installed on. You probably want to set it to the FQDN of your\r\n * elasticsearch host\r\n *\r\n * Note: this can also be an object if you want to pass options to the http client. For example:\r\n *\r\n * +elasticsearch: {server: \"http:\/\/localhost:9200\", withCredentials: true}+\r\n *\r\n *\/<\/span>\r\n \/\/elasticsearch: \"http:\/\/\"+window.location.hostname+\":9200\",<\/span>\r\n elasticsearch<\/span>:<\/span> \"<\/span>http:\/\/xxx.xxx.xxx.xxx{Server IP or localhost}:9200<\/span>\"<\/span>,<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== default_route\r\n *\r\n * This is the default landing page when you don't specify a dashboard to load. You can specify\r\n * files, scripts or saved dashboards here. For example, if you had saved a dashboard called\r\n * `WebLogs' to elasticsearch you might use:\r\n *\r\n * default_route: '\/dashboard\/elasticsearch\/WebLogs',\r\n *\/<\/span>\r\n default_route<\/span> :<\/span> '<\/span>\/dashboard\/file\/default.json<\/span>'<\/span>,<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== kibana-int\r\n *\r\n * The default ES index to use for storing Kibana specific object\r\n * such as stored dashboards\r\n *\/<\/span>\r\n kibana_index<\/span>:<\/span> \"<\/span>kibana-int<\/span>\"<\/span>,<\/span>\r\n\r\n \/** @scratch \/configuration\/config.js\/5\r\n *\r\n * ==== panel_name\r\n *\r\n * An array of panel modules available. Panels will only be loaded when they are defined in the\r\n * dashboard, but this list is used in the \"add panel\" interface.\r\n *\/<\/span>\r\n panel_names<\/span>:<\/span> [<\/span>\r\n '<\/span>histogram<\/span>'<\/span>,<\/span>\r\n '<\/span>map<\/span>'<\/span>,<\/span>\r\n '<\/span>goal<\/span>'<\/span>,<\/span>\r\n '<\/span>table<\/span>'<\/span>,<\/span>\r\n '<\/span>filtering<\/span>'<\/span>,<\/span>\r\n '<\/span>timepicker<\/span>'<\/span>,<\/span>\r\n '<\/span>text<\/span>'<\/span>,<\/span>\r\n '<\/span>hits<\/span>'<\/span>,<\/span>\r\n '<\/span>column<\/span>'<\/span>,<\/span>\r\n '<\/span>trends<\/span>'<\/span>,<\/span>\r\n '<\/span>bettermap<\/span>'<\/span>,<\/span>\r\n '<\/span>query<\/span>'<\/span>,<\/span>\r\n '<\/span>terms<\/span>'<\/span>,<\/span>\r\n '<\/span>stats<\/span>'<\/span>,<\/span>\r\n '<\/span>sparklines<\/span>'<\/span>\r\n ]<\/span>\r\n });<\/span>\r\n});<\/span>\r\n\r\n<\/code><\/pre>\nFluentd \u6d41\u5229\u7684\u6d41\u7a0b\u8f93\u5165\u8f93\u51fa\u5de5\u5177<\/h3>\n
# \u4f7f\u7528curl\u547d\u4ee4\uff0c\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u4ecehttp:\/\/toolbelt.treasuredata.com\/sh\/install-redhat.sh\u4e0b\u8f7d\u5e76\u6267\u884c\u811a\u672c\u3002<\/p>\n
\u542f\u52a8td-agent\u7684\u670d\u52a1\uff0c\u8def\u5f84\u4e3a\/etc\/init.d\/td-agent\u3002<\/p>\n
\u542f\u52a8 td-agent\uff1a[ \u6210\u529f ]<\/p><\/blockquote>\n
\u5c06td-agent\u7684\u914d\u7f6e\u66f4\u6539\u4e3a\u5f00\u542f\u72b6\u6001\u3002<\/p>\n
Elasticsearch\u63d2\u4ef6<\/h4>\n
\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\u5728\u60a8\u7684\u7cfb\u7edf\u4e0a\u5b89\u88c5gcc\u548clibcurl-devel\u8f6f\u4ef6\u5305\uff1a
\nyum\u5b89\u88c5gcc libcurl-devel\u3002<\/p>\n
\u4f7f\u7528\u539f\u751f\u7684\u4e2d\u6587\u8868\u8fbe\u4ee5\u4e0b\u53e5\u5b50\uff0c\u53ea\u9700\u4e00\u79cd\u9009\u62e9\uff1a
\n\u5728\u7ec8\u7aef\u8f93\u5165”\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-elasticsearch”\uff0c\u5b89\u88c5fluent-plugin-elasticsearch\u63d2\u4ef6\u3002<\/p>\n
SNMP\u63d2\u4ef6<\/h4>\n
\u4f7f\u7528\u672c\u5730\u7684\u4e2d\u6587\u91ca\u4e49\u4ee5\u4e0b\u547d\u4ee4\uff1a\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-snmp<\/p>\n
\u4f7f\u7528fluent-gem\u547d\u4ee4\u5b89\u88c5fluent-plugin-snmp\u3002<\/p>\n
\u63d0\u53d6\u63d2\u4ef6<\/h4>\n
\u4f7f\u7528\u672c\u5730\u8bed\u8a00\uff08\u4e2d\u6587\uff09\u7ed9\u51fa\u4ee5\u4e0b\u53e5\u5b50\u7684\u91cd\u65b0\u8868\u8ff0\uff0c
\n\u53ea\u9700\u7ed9\u51fa\u4e00\u79cd\u9009\u9879\uff1a
\n# \/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-derive<\/p>\n
\u5728\u7ec8\u7aef\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\u4ee5\u5b89\u88c5fluent-plugin-derive\u63d2\u4ef6\uff1a
\n\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-derive<\/p>\n
\u63d2\u4ef6\u6027\u80fd\u6d4b\u8bd5<\/h4>\n
\u8bf7\u5728\u672c\u5730\u7684\u547d\u4ee4\u884c\u4e2d\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\u4ee5\u5b89\u88c5Fluent\u63d2\u4ef6ping-message\uff1a<\/p>\n
\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem install fluent-plugin-ping-message<\/p>\n
\u8a2d\u7f6e\u6a94\u6848 (She zhi dang an)<\/h4>\n
\u6253\u5f00\/etc\/td-agent\/td-agent.conf\u6587\u4ef6\uff0c\u5e76\u7528vim\u7f16\u8f91\u3002<\/p>\n
####\r\n## Output descriptions:\r\n##\r\n\r\n# Treasure Data (http:\/\/www.treasure-data.com\/) provides cloud based data\r\n# analytics platform, which easily stores and processes data from td-agent.\r\n# FREE plan is also provided.\r\n# @see http:\/\/docs.fluentd.org\/articles\/http-to-td\r\n#\r\n# This section matches events whose tag is td.DATABASE.TABLE\r\n<match td.*.*>\r\n type tdlog\r\n apikey YOUR_API_KEY\r\n\r\n auto_create_table\r\n buffer_type file\r\n buffer_path \/var\/log\/td-agent\/buffer\/td\r\n<\/match>\r\n\r\n## match tag=debug.** and dump to console\r\n<match debug.**>\r\n type stdout\r\n<\/match>\r\n\r\n####\r\n## Source descriptions:\r\n##\r\n\r\n## built-in TCP input\r\n## @see http:\/\/docs.fluentd.org\/articles\/in_forward\r\n<source>\r\n type forward\r\n<\/source>\r\n\r\n## built-in UNIX socket input\r\n#<source>\r\n# type unix\r\n#<\/source>\r\n\r\n# HTTP input\r\n# POST http:\/\/localhost:8888\/<tag>?json=<json>\r\n# POST http:\/\/localhost:8888\/td.myapp.login?json={\"user\"%3A\"me\"}\r\n# @see http:\/\/docs.fluentd.org\/articles\/in_http\r\n<source>\r\n type http\r\n port 8888\r\n<\/source>\r\n\r\n## live debugging agent\r\n<source>\r\n type debug_agent\r\n bind 127.0.0.1\r\n port 24230\r\n<\/source>\r\n\r\n####\r\n## Examples:\r\n##\r\n\r\n## File input\r\n## read apache logs continuously and tags td.apache.access\r\n#<source>\r\n# type tail\r\n# format apache\r\n# path \/var\/log\/httpd-access.log\r\n# tag td.apache.access\r\n#<\/source>\r\n\r\n## File output\r\n## match tag=local.** and write to file\r\n#<match local.**>\r\n# type file\r\n# path \/var\/log\/td-agent\/access\r\n#<\/match>\r\n\r\n## Forwarding\r\n## match tag=system.** and forward to another td-agent server\r\n#<match system.**>\r\n# type forward\r\n# host 192.168.0.11\r\n# # secondary host is optional\r\n# <secondary>\r\n# host 192.168.0.12\r\n# <\/secondary>\r\n#<\/match>\r\n\r\n## Multiple output\r\n## match tag=td.*.* and output to Treasure Data AND file\r\n#<match td.*.*>\r\n# type copy\r\n# <store>\r\n# type tdlog\r\n# apikey API_KEY\r\n# auto_create_table\r\n# buffer_type file\r\n# buffer_path \/var\/log\/td-agent\/buffer\/td\r\n# <\/store>\r\n# <store>\r\n# type file\r\n# path \/var\/log\/td-agent\/td-%Y-%m-%d\/%H.log\r\n# <\/store>\r\n#<\/match>\r\n\r\n######\r\n<source>\r\n type snmp\r\n tag snmp.server3\r\n nodes name, value\r\n host \"xxx.xxx.xxx.xxx {Router IP}\"\r\n community public\r\n mib ifInOctets.7\r\n method_type get\r\n polling_time 5\r\n polling_type async_run\r\n<\/source>\r\n\r\n<source>\r\n type snmp\r\n tag snmp.server4\r\n nodes name, value\r\n host \"xxx.xxx.xxx.xxx {Router IP}\"\r\n community public\r\n mib ifOutOctets.7\r\n method_type get\r\n polling_time 5\r\n polling_type async_run\r\n<\/source>\r\n\r\n<match snmp.server*>\r\n type copy\r\n\r\n <store>\r\n type derive\r\n add_tag_prefix derive\r\n key2 value *8\r\n <\/store>\r\n\r\n <store>\r\n type stdout\r\n <\/store>\r\n\r\n <store>\r\n type elasticsearch\r\n host localhost\r\n port 9200\r\n type_name traffic\r\n logstash_format true\r\n logstash_prefix snmp\r\n logstash_dateformat %Y%m\r\n\r\n buffer_type memory\r\n buffer_chunk_limit 10m\r\n buffer_queue_limit 10\r\n flush_interval 1s\r\n retry_limit 16\r\n retry_wait 1s\r\n <\/store>\r\n<\/match>\r\n<\/code><\/pre>\n\u91cd\u65b0\u52a0\u8f7d td-agent \u670d\u52a1<\/p>\n
\u91cd\u65b0\u52a0\u8f7d td-agent: [ \u6210\u529f ]<\/p><\/blockquote>\n
\u5bf9Kibana\u8fdb\u884c\u5347\u7ea7\u81f3Kibana4<\/h2>\nhttp:\/\/qiita.com\/nagomu1985\/items\/82e699dde4f99b2ce417
\nhttps:\/\/shiro-16.hatenablog.com\/entry\/2015\/03\/14\/234023<\/p><\/blockquote>\n
\u622a\u5c4f (ji\u00e9<\/h3>\n<\/div>\n\u6784\u6210<\/h3>\n<\/div>\nJava\u662f\u4e00\u79cd\u5e7f\u6cdb\u4f7f\u7528\u7684\u7f16\u7a0b\u8bed\u8a00\u3002<\/h3>\n
\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u5728\u4e2d\u56fd\u672c\u5730\u5316\u7684\u73af\u5883\u4e0b\u8fdb\u884c\u91ca\u4e49,\u53ea\u9009\u62e9\u4e00\u79cd\u53ef\u80fd\u6027:<\/p>\n
# \u5378\u8f7d java-1.7.0-openjdk \u548c java-1.7.0-openjdk-devel.x86_64
\n# \u5b89\u88c5 java-1.8.0-openjdk \u548c java-1.8.0-openjdk-devel.x86_64<\/p>\n
Apache (\u6682\u505c\u8fd0\u884c\uff0c\u4ee5\u9632\u4e07\u4e00)<\/h3>\n
\u5173\u95edhttpd\u670d\u52a1\u3002
\n\u53d6\u6d88httpd\u7684\u81ea\u542f\u52a8\u8bbe\u7f6e\u3002<\/p>\n
\u5f39\u6027\u641c\u7d22<\/h3>\n
\u6253\u5f00`vim`\u7f16\u8f91\u5668\uff0c\u8fdb\u5165`\/etc\/yum.repos.d\/elasticsearch.repo`\u6587\u4ef6\u3002<\/p>\n
[elasticsearch-2.x]\r\nname=Elasticsearch repository for 2.x packages\r\nbaseurl=http:\/\/packages.elastic.co\/elasticsearch\/2.x\/centos\r\ngpgcheck=1\r\ngpgkey=http:\/\/packages.elastic.co\/GPG-KEY-elasticsearch\r\nenabled=1\r\n<\/code><\/pre>\n\u66f4\u65b0\u8f6f\u4ef6<\/p>\n
================================================================================\r\n \u30d1\u30c3\u30b1\u30fc\u30b8 \u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\r\n \u30d0\u30fc\u30b8\u30e7\u30f3 \u30ea\u30dd\u30b8\u30c8\u30ea\u30fc \u5bb9\u91cf\r\n================================================================================\r\n\u66f4\u65b0:\r\n elasticsearch noarch 2.1.0-1 elasticsearch-2.x 28 M\r\n\r\n\u30c8\u30e9\u30f3\u30b6\u30af\u30b7\u30e7\u30f3\u306e\u8981\u7d04\r\n================================================================================\r\n\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9 1 \u30d1\u30c3\u30b1\u30fc\u30b8\r\n<\/code><\/pre>\n\u91cd\u65b0\u542f\u52a8 Elasticsearch \u670d\u52a1<\/p>\n
\u6b63\u5728\u505c\u6b62elasticsearch: [ OK ]
\n\u6b63\u5728\u542f\u52a8elasticsearch: [ OK ]<\/p><\/blockquote>\n
\u57fa\u672c\u4e0a Kibana<\/h3>\n
wget https:\/\/download.elastic.co\/kibana\/kibana\/kibana-4.3.0-linux-x64.tar.gz<\/p>\n
\u8bf7\u4e0b\u8f7d https:\/\/download.elastic.co\/kibana\/kibana\/kibana-4.3.0-linux-x64.tar.gz<\/p>\n
\u89e3\u538b\u7f29\u547d\u4ee4”kibana-4.3.0-linux-x64.tar.gz”\u53ef\u4ee5\u4f7f\u7528”tar xvzf kibana-4.3.0-linux-x64.tar.gz”\u3002<\/p>\n
\u5c06kibana-4.3.0-linux-x64\u79fb\u52a8\u5230\/opt\/kibana\u76ee\u5f55\u4e0b\u3002<\/p>\n
\u6253\u5f00\u8def\u5f84\u4e3a\/opt\/kibana\/config\/kibana.yml\u7684\u6587\u4ef6 (in simplified Chinese)<\/p>\n
# Kibana is served by a back end server. This controls which port to use.<\/span>\r\n# server.port: 5601<\/span>\r\n\r\n# The host to bind the server to.<\/span>\r\n# server.host: \"0.0.0.0\"<\/span>\r\n\r\n# A value to use as a XSRF token. This token is sent back to the server on each request<\/span>\r\n# and required if you want to execute requests from other clients (like curl).<\/span>\r\n# server.xsrf.token: \"\"<\/span>\r\n\r\n# If you are running kibana behind a proxy, and want to mount it at a path,<\/span>\r\n# specify that path here. The basePath can't end in a slash.<\/span>\r\n# server.basePath: \"\"<\/span>\r\n\r\n# The Elasticsearch instance to use for all your queries.<\/span>\r\nelasticsearch.url<\/span>:<\/span> \"<\/span>http:\/\/localhost:9200\"<\/span>\r\n\r\n# preserve_elasticsearch_host true will send the hostname specified in `elasticsearch`. If you set it to false,<\/span>\r\n# then the host you use to connect to *this* Kibana instance will be sent.<\/span>\r\n# elasticsearch.preserveHost: true<\/span>\r\n\r\n# Kibana uses an index in Elasticsearch to store saved searches, visualizations<\/span>\r\n# and dashboards. It will create a new index if it doesn't already exist.<\/span>\r\n# kibana.index: \".kibana\"<\/span>\r\n\r\n# The default application to load.<\/span>\r\n# kibana.defaultAppId: \"discover\"<\/span>\r\n\r\n# If your Elasticsearch is protected with basic auth, these are the user credentials<\/span>\r\n# used by the Kibana server to perform maintenance on the kibana_index at startup. Your Kibana<\/span>\r\n# users will still need to authenticate with Elasticsearch (which is proxied through<\/span>\r\n# the Kibana server)<\/span>\r\n# elasticsearch.username: \"user\"<\/span>\r\n# elasticsearch.password: \"pass\"<\/span>\r\n\r\n# SSL for outgoing requests from the Kibana Server to the browser (PEM formatted)<\/span>\r\n# server.ssl.cert: \/path\/to\/your\/server.crt<\/span>\r\n# server.ssl.key: \/path\/to\/your\/server.key<\/span>\r\n\r\n# Optional setting to validate that your Elasticsearch backend uses the same key files (PEM formatted)<\/span>\r\n# elasticsearch.ssl.cert: \/path\/to\/your\/client.crt<\/span>\r\n# elasticsearch.ssl.key: \/path\/to\/your\/client.key<\/span>\r\n\r\n# If you need to provide a CA certificate for your Elasticsearch instance, put<\/span>\r\n# the path of the pem file here.<\/span>\r\n# elasticsearch.ssl.ca: \/path\/to\/your\/CA.pem<\/span>\r\n\r\n# Set to false to have a complete disregard for the validity of the SSL<\/span>\r\n# certificate.<\/span>\r\n# elasticsearch.ssl.verify: true<\/span>\r\n\r\n# Time in milliseconds to wait for elasticsearch to respond to pings, defaults to<\/span>\r\n# request_timeout setting<\/span>\r\n# elasticsearch.pingTimeout: 1500<\/span>\r\n\r\n# Time in milliseconds to wait for responses from the back end or elasticsearch.<\/span>\r\n# This must be > 0<\/span>\r\n# elasticsearch.requestTimeout: 300000<\/span>\r\n\r\n# Time in milliseconds for Elasticsearch to wait for responses from shards.<\/span>\r\n# Set to 0 to disable.<\/span>\r\n# elasticsearch.shardTimeout: 0<\/span>\r\n\r\n# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying<\/span>\r\n# elasticsearch.startupTimeout: 5000<\/span>\r\n\r\n# Set the path to where you would like the process id file to be created.<\/span>\r\n# pid.file: \/var\/run\/kibana.pid<\/span>\r\n\r\n# If you would like to send the log output to a file you can set the path below.<\/span>\r\n# logging.dest: stdout<\/span>\r\n\r\n# Set this to true to suppress all logging output.<\/span>\r\n# logging.silent: false<\/span>\r\n\r\n# Set this to true to suppress all logging output except for error messages.<\/span>\r\n# logging.quiet: false<\/span>\r\n\r\n# Set this to true to log all events, including system usage information and all requests.<\/span>\r\n# logging.verbose: false<\/span>\r\n<\/code><\/pre>\n\u6253\u5f00\/etc\/init.d\/kibana\u6587\u4ef6\u3002
\n\u8d4b\u4e88\/etc\/init.d\/kibana\u6267\u884c\u6743\u9650\u3002
\n\u542f\u52a8\/etc\/init.d\/kibana\u670d\u52a1\u3002
\n\u5c06kibana\u6dfb\u52a0\u5230chkconfig\u670d\u52a1\u3002
\n\u5c06chkconfig\u670d\u52a1\u8bbe\u4e3a\u5f00\u673a\u542f\u52a8kibana\u3002<\/p>\n
\u4f7f\u7528Netflow\u6765\u83b7\u53d6\u6d41\u91cf\u6570\u636e<\/h2>\n\u622a\u56fe<\/h3>\n<\/div>\n\u6784\u6210<\/h3>\n
\u8bf7\u60f3\u8c61\u6ca1\u6709\uff08\u8bf7\u60a8\u60f3\u8c61\uff09\u3002<\/p>\n
\u8bbe\u5b9a<\/h3>\n
\/usr\/lib64\/fluent\/ruby\/bin\/fluent-gem\u5b89\u88c5fluent-plugin-netflow\u63d2\u4ef6\u3002\u7136\u540e\u7528vi\u7f16\u8f91\/etc\/td-agent\/td-agent.conf\u6587\u4ef6\u3002<\/p>\n
####\r\n## Router Flow\r\n<source>\r\n type netflow\r\n tag netflow.event\r\n port 5141\r\n<\/source>\r\n<match netflow.**>\r\n type copy\r\n <store>\r\n type elasticsearch\r\n host localhost\r\n port 9200\r\n type_name netflow\r\n logstash_format true\r\n logstash_prefix traffic-flow\r\n logstash_dateformat %Y%m%d\r\n buffer_type memory\r\n buffer_chunk_limit 10m\r\n buffer_queue_limit 10\r\n flush_interval 1s\r\n retry_limit 16\r\n retry_wait 1s\r\n <\/store>\r\n<\/match>\r\n<\/code><\/pre>\n\u83b7\u53d6Kibana\u8bbf\u95ee\u65e5\u5fd7<\/h2>\n\u622a\u56fe<\/h3>\n
\u8bf7\u60f3\u8c61\uff08\u6ca1\u6709\uff09<\/p>\n
\u7ec4\u6210<\/h3>\n
\u6ca1\u6709\uff08\u8bf7\u60f3\u8c61\uff09<\/p>\n
\u8bbe\u7f6e<\/h3>\n
\u6253\u5f00\/etc\/td-agent\/td-agent.conf\u7684\u6587\u4ef6\u7f16\u8f91\u5668<\/p>\n
####\r\n## Kibana AccessLog\r\n<source>\r\n type tail\r\n path \/var\/log\/kibana\/kibana.log\r\n tag kibana.access\r\n pos_file \/var\/log\/td-agent\/kibana_log.pos\r\n format json\r\n<\/source>\r\n<match kibana.access>\r\n type copy\r\n <store>\r\n type elasticsearch\r\n host localhost\r\n port 9200\r\n type_name access_log\r\n logstash_format true\r\n logstash_prefix kibana_access\r\n logstash_dateformat %Y%m\r\n buffer_type memory\r\n buffer_chunk_limit 10m\r\n buffer_queue_limit 10\r\n flush_interval 1s\r\n retry_limit 16\r\n retry_wait 1s\r\n <\/store>\r\n<\/match>\r\n<\/code><\/pre>\n\u901a\u8fc7\u4f7f\u7528\u8c37\u6b4c\u9a8c\u8bc1\u5668\uff0c\u5728Apache\uff08SSL\uff09\u4e0a\u52a0\u5f3aKibana4\u7684\u5b89\u5168\u6027\u3002<\/h2>\n\u7684\u5730\u8655\u662f\u8981\u8fbe\u5230\u7684\u7d50\u679c\u6216\u76ee\u6a19<\/h3>\n
\u867d\u7136\u6211\u5df2\u7ecf\u5bf9\u5916\u516c\u5f00\u4e86\uff0c\u4f46\u4ec5\u4ec5\u4f7f\u7528\u57fa\u672c\u8ba4\u8bc1\u8ba9\u6211\u611f\u5230\u4e0d\u653e\u5fc3\uff0c\u4f46\u662f\u9274\u4e8e\u514b\u5c14\u4f2f\u65af\u7b49\u8ba4\u8bc1\u65b9\u5f0f\u5f88\u9ebb\u70e6\uff0c\u6240\u4ee5\u6211\u4e0d\u60f3\u53bb\u505a\u3002
\n\u5982\u679c\u91c7\u7528\u4e00\u6b21\u6027\u5bc6\u7801\u8ba4\u8bc1\uff0c\u53ef\u4ee5\u5417\uff1f
\n\u5982\u679c\u4f7f\u7528\u4e24\u6b65\u9a8c\u8bc1\u4e4b\u7c7b\u7684\u8ba4\u8bc1\uff0c\u90a3\u5728\u516c\u53f8\u4f7f\u7528\u4e5f\u53ef\u4ee5\u5427\uff1f<\/p>\n
\u8bf7\u53c2\u8003<\/h3>\nhttps:\/\/github.com\/elastic\/kibana\/issues\/1559
\nhttp:\/\/nabedge.blogspot.jp\/2014\/05\/apachebasicgoogle-2.html<\/p>\n
https:\/\/github.com\/elastic\/kibana\/issues\/1559
\nhttp:\/\/nabedge.blogspot.jp\/2014\/05\/apachebasicgoogle-2.html<\/p><\/blockquote>\n
\u622a\u56fe<\/h3>\n
\u8bf7\u60f3\u8c61\uff08\u6ca1\u6709\u4efb\u4f55\u4e1c\u897f\uff09<\/p>\n
\u6784\u56fe<\/h3>\n
\u6ca1\u6709\uff08\u8bf7\u81ea\u5df1\u60f3\u8c61\uff09\u3002<\/p>\n
\u5b89\u88c5<\/h3>\n
\u4ece\u6d41\u7a0b\u4e0a\u6765\u770b\uff0c
\n\u4f7f\u7528\u57fa\u672c\u8ba4\u8bc1\u5728Apache\u4e0a\u8fd0\u884c\u7684Kibana4
\n\u2192 \u4f7f\u7528Google\u8ba4\u8bc1\u5668\u5728Apache\u4e0a\u8fd0\u884c\u7684Kibana4
\n\u2192 \u4f7f\u7528Google\u8ba4\u8bc1\u5668\u5728Apache\u4e0a\u8fd0\u884c\u7684Kibana4\uff08SSL\u52a0\u5bc6\uff09
\n\u8fd9\u6837\u7406\u89e3\u4e0b\u6765\uff0c\u4f46\u8fd9\u592a\u9ebb\u70e6\u4e86\uff0c\u53ea\u7ed9\u51fa\u7ed3\u679c\u5c31\u597d\u3002<\/p>\n
SSL\u662f\u4e00\u79cd\u7528\u4e8e\u4fdd\u62a4\u7f51\u7edc\u901a\u4fe1\u5b89\u5168\u7684\u534f\u8bae\u3002<\/h4>\n
\u7279\u522b\u8bf4\u660e\u6ca1\u6709\u3002<\/p>\n
\u60a8\u53ef\u4ee5\u5728\u4ee5\u4e0b\u7db2\u5740\u4e2d\u67e5\u8a62CentOS 6\u7248\u672c\u4e0a\u5b89\u88ddhttpd\u670d\u52d9\u7684\u6b65\u9a5f\uff1a
\nhttp:\/\/www.server-world.info\/query?os=CentOS_6&p=httpd&f=5<\/p><\/blockquote>\n
\u8c37\u6b4c\u8eab\u4efd\u9a8c\u8bc1\u5668<\/h4>\n
\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\u8fdb\u884c\u5b89\u88c5\uff1a
\n# yum install http:\/\/ftp.riken.jp\/Linux\/fedora\/epel\/6\/i386\/epel-release-6-8.noarch.rpm
\n# yum install httpd httpd-devel subversion google-authenticator
\n# svn checkout http:\/\/google-authenticator-apache-module.googlecode.com\/svn\/trunk\/ google-authenticator-apache-module-read-only
\n# cd google-authenticator-apache-module-read-only
\n# make
\n# make install
\n# \u5c06googleauth.conf\u590d\u5236\u5230\/etc\/httpd\/conf.d\/ \uff08\u867d\u7136\u6700\u540e\u6ca1\u6709\u4f7f\u7528\uff0c\u4f46\u4e3a\u4e86\u4fdd\u9669\u8d77\u89c1\uff09\u3002
\n# google-authenticator<\/p>\n
https:\/\/www.google.com\/chart?chs=......\r\nYour new secret key is: B3HHIJXXXXXXXXXX\r\nYour verification code is ......\r\nYour emergency scratch codes are:\r\n 3575....\r\n 8711....\r\n 5639....\r\n 9330....\r\n 1386....\r\n\r\nDo you want me to update your \"~\/.google_authenticator\" file (y\/n) y\r\nOVLUR4XXXXXXXXXX\r\n\r\nB3HHIJXXXXXXXXXX\r\nDo you want to disallow multiple uses of the same authentication\r\ntoken? This restricts you to one login about every 30s, but it increases\r\nyour chances to notice or even prevent man-in-the-middle attacks (y\/n) y\r\n\r\nBy default, tokens are good for 30 seconds and in order to compensate for\r\npossible time-skew between the client and the server, we allow an extra\r\ntoken before and after the current time. If you experience problems with poor\r\ntime synchronization, you can increase the window from its default\r\nsize of 1:30min to about 4min. Do you want to do so (y\/n) y\r\n\r\nIf the computer that you are logging into isn't hardened against brute-force\r\nlogin attempts, you can enable rate-limiting for the authentication module.\r\nBy default, this limits attackers to no more than 3 login attempts every 30s.\r\n# credendials. This file must be generated from the \"google_authenticator\"\r\nDo you want to enable rate-limiting (y\/n) y\r\n<\/code><\/pre>\n\u521b\u5efa\u76ee\u5f55\/etc\/httpd\/ga_auth
\n\u7f16\u8f91\/etc\/httpd\/ga_auth\/kibana{\u767b\u5f55\u65f6\u7684\u7528\u6237\u540d}<\/p>\n
B3HHIJXXXXXXXXXX\r\n\" RATE_LIMIT 3 30\r\n\" WINDOW_SIZE 17\r\n\" TOTP_AUTH\r\n\" PASSWORD={\u7b2c\u4e00\u8981\u7d20\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3002\u306a\u3057\u3067\u3082\u3044\u3051\u308b}\r\n<\/code><\/pre>\n\u6253\u5f00\/etc\/httpd\/conf\/httpd.conf\u8fd9\u4e2a\u6587\u4ef6\u3002<\/p>\n
NameVirtualHost *:5600\r\nListen 5600\r\n<VirtualHost *:5600>\r\n SSLEngine on\r\n SSLProtocol all -SSLv2\r\n SSLCipherSuite DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES\r\n SSLCertificateFile \/var\/www\/kibana4\/server.crt{\u8a3c\u660e\u66f8\u30d1\u30b9}\r\n SSLCertificateKeyFile \/var\/www\/kibana4\/server.key{\u30ad\u30fc\u30d1\u30b9}\r\n SetEnvIf User-Agent \".*MSIE.*\" \\\r\n nokeepalive ssl-unclean-shutdown \\\r\n downgrade-1.0 force-response-1.0\r\n LogLevel warn\r\n ProxyPreserveHost On\r\n ProxyRequests Off\r\n ProxyPass \/ http:\/\/localhost:5601\/{Kibana4\u3078\u306e\u30a2\u30af\u30bb\u30b9}\r\n ProxyPassReverse \/ http:\/\/localhost:5601\/{Kibana4\u3078\u306e\u30a2\u30af\u30bb\u30b9}\r\n <Location \/>\r\n Order deny,allow\r\n Allow from all\r\n AuthType Basic\r\n AuthName \"My Test\"\r\n AuthBasicProvider \"google_authenticator\"\r\n Require valid-user\r\n GoogleAuthUserPath ga_auth\r\n GoogleAuthCookieLife 3600\r\n GoogleAuthEntryWindow 2\r\n <\/Location>\r\n CustomLog \/var\/log\/httpd\/access_5600.log combined\r\n ErrorLog \/var\/log\/httpd\/error_5600.log\r\n<\/VirtualHost>\r\n<\/code><\/pre>\n\u91cd\u542fhttpd\u670d\u52a1
\n\u8bbe\u7f6ehttpd\u4e3a\u5f00\u673a\u542f\u52a8<\/p>\n
\u4f7f\u7528WA<\/h2>\n
\u30fbKibana\u548cElasticsearch\u4f1a\u81ea\u52a8\u6302\u8d77
\n\u2192 \u53ef\u80fd\u662f\u5185\u5b58\u4e0d\u8db3\u3002\u8981\u589e\u52a0\u5185\u5b58\u6216\u8005\u6dfb\u52a0swap\u3002
\n\u2192 \u53e6\u5916\uff0c\u5076\u5c14\u91cd\u65b0\u542f\u52a8Kibana\u5427\u3002\u5185\u5b58\u4f1a\u88ab\u6e05\u7406\u3002<\/p>\n
\u30fb\u8bbe\u7f6e\u5e94\u8be5\u662f\u6b63\u786e\u7684\uff0c\u4f46\u65e0\u6cd5\u83b7\u53d6\u65e5\u5fd7\u3002
\n\u2192 \u662f\u5426\u6539\u53d8\u4e86format\u683c\u5f0f\uff1f\u8bd5\u7740\u5220\u9664pos\u6587\u4ef6\u3002
\n\u2192 “# rm \/var\/log\/td-agent\/kibana_log.pos”<\/p>\n
\u63d0\u5347\u4e4b\u5904<\/h2>\n
[v3]
\n\u30fb\u4e3a\u4e86\u6307\u5b9aMIB\uff0c\u9700\u8981\u4e3a\u6bcf\u4e2a\u5fc5\u8981\u7684\u6570\u636e\u6dfb\u52a0\u8bbe\u7f6e\uff08\u5f88\u9ebb\u70e6\uff09
\n\u30fb\u4e0d\u4e3a\u591a\u4e2a\u8282\u70b9\u540c\u65f6\u83b7\u53d6\u800c\u521b\u5efa\uff08\u7528\u4f5c\u5de5\u4f5c\uff1f\uff09
\n\u30fb\u65e0\u6cd5\u5173\u8054IFindex\u548cdescription
\n\u30fb\u5b9e\u9645\u4e0a\u5e0c\u671b\u4ee51\u79d2\u7684\u95f4\u9694\u83b7\u53d6\u548c\u66f4\u65b0
\n\u203b\u5373\u4f7f\u8bbe\u4e3a1\u79d2\uff0cfluentd\u6bcf5\u79d2\u624d\u53d1\u9001\u4e00\u6b21…\u4e0d\u786e\u5b9a\u662f\u5426\u53ef\u4ee5\u5728\u8bbe\u7f6e\u4e2d\u66f4\u6539\u3002
\n\u30fb\u53ef\u80fd\u4f1a\u53d8\u5f97\u975e\u5e38\u91cd\uff0c\u5f53\u83b7\u53d6\u7684\u6570\u636e\u53d8\u591a\u65f6
\n\u30fb\u65e0\u6cd5\u663e\u793apps
\n\u30fb\u4e0d\u662f\u4ee5Mbps\u8868\u793a\uff0c\u800c\u662f\u4ee5MB\u8868\u793a\uff08\u6570\u636e\u672c\u8d28\u4e0a\u662fMbps\uff0c\u53ea\u662f\u5916\u89c2\u4e0a\u7684\u95ee\u9898\uff09
\n[v4]
\n\u30fb\u4e0d\u77e5\u9053\u5982\u4f55\u663e\u793a\u591a\u4e2a\u67e5\u8be2\u7684\u56fe\u8868\u3002
\n\u30fbNetflow\u53ea\u662f\u4e3a\u4e86\u80fd\u591f\u83b7\u53d6\u3002<\/p>\n
\u4e0b\u6b21\u4f1a\u901a\u77e5\u3002<\/h2>\n
\u4f7f\u7528Fluentd+Graphite+Grafana\u521b\u5efa\u65e0\u9700Java\u7684NMS
\n\u4f7f\u7528Fluentd+Groonga+ ??? \u521b\u5efaNSM
\n\u5c1d\u8bd5\u4f7f\u7528fluent-plugin-anomalydetect<\/p>\n
http:\/\/tech.aainc.co.jp\/archives\/3720-\u8bf7\u539f\u751f\u4e2d\u6587\u91ca\u4e49<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"
\u63d0\u524d\u987b\u77e5 (Tiqian xuzhi) \u90a3\u662f\u7b2c\u51e0\u904d\u4e86\uff1f \u4e0d\u8981\u5728\u610f\u5c0f\u4e8b\u266a \u8fd9\u662f\u6211\u61c2\u7684\u6211\u61c2\u7684\uff5e\u266a \u622a\u5c4f \u7ec4\u6210 \u5b89\u88dd […]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-40954","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n
\u4f7f\u7528"Fluentd+Elasticsearch+Kibana"\u6784\u5efaNMS - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528"Fluentd+Elasticsearch+Kibana"\u6784\u5efaNMS\" \/>\n<meta property=\"og:description\" content=\"\u63d0\u524d\u987b\u77e5 (Tiqian xuzhi) \u90a3\u662f\u7b2c\u51e0\u904d\u4e86\uff1f \u4e0d\u8981\u5728\u610f\u5c0f\u4e8b\u266a \u8fd9\u662f\u6211\u61c2\u7684\u6211\u61c2\u7684\uff5e\u266a \u622a\u5c4f \u7ec4\u6210 \u5b89\u88dd […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-11T07:29:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-04T09:35:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/3-0.png\" \/>\n<meta name=\"author\" content=\"\u96c5, \u609f\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u96c5, \u609f\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/\",\"name\":\"\u4f7f\u7528\\\"Fluentd+Elasticsearch+Kibana\\\"\u6784\u5efaNMS - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-09-11T07:29:27+00:00\",\"dateModified\":\"2024-05-04T09:35:51+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528”Fluentd+Elasticsearch+Kibana”\u6784\u5efaNMS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6\",\"name\":\"\u96c5, \u609f\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g\",\"caption\":\"\u96c5, \u609f\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/yawu\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528\"Fluentd+Elasticsearch+Kibana\"\u6784\u5efaNMS - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528\"Fluentd+Elasticsearch+Kibana\"\u6784\u5efaNMS","og_description":"\u63d0\u524d\u987b\u77e5 (Tiqian xuzhi) \u90a3\u662f\u7b2c\u51e0\u904d\u4e86\uff1f \u4e0d\u8981\u5728\u610f\u5c0f\u4e8b\u266a \u8fd9\u662f\u6211\u61c2\u7684\u6211\u61c2\u7684\uff5e\u266a \u622a\u5c4f \u7ec4\u6210 \u5b89\u88dd […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528fluentdelasticsearchkibana\u6784\u5efanms\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-09-11T07:29:27+00:00","article_modified_time":"2024-05-04T09:35:51+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d43eb37434c4406c9d8d4\/3-0.png"}],"author":"\u96c5, \u609f","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u96c5, \u609f","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"11 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/","name":"\u4f7f\u7528\"Fluentd+Elasticsearch+Kibana\"\u6784\u5efaNMS - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-09-11T07:29:27+00:00","dateModified":"2024-05-04T09:35:51+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528”Fluentd+Elasticsearch+Kibana”\u6784\u5efaNMS"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6","name":"\u96c5, \u609f","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g","caption":"\u96c5, \u609f"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/yawu\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8fluentdelasticsearchkibana%e6%9e%84%e5%bb%banms\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40954","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=40954"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40954\/revisions"}],"predecessor-version":[{"id":99723,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40954\/revisions\/99723"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=40954"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=40954"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=40954"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}