我正在使用以下引用链接将 tomcat8 日志配置到 Elastic stack 仪表板中: https://logz.io/blog/apache-tomcat-monitoring/

我使用的是 ubuntu 18.04 服务器,安装了 tomcat8 并配置了 logstash.conf 文件和 filebeat 文件,但日志未显示在 kibana 仪表板中

能否请您更新如何配置此场景?

Here is my filebeat.yml file 
 
filebeat.inputs: 
- type: log 
enabled: true 
paths: 
- /var/log/tomcat8/localhost_access_log.2019-09-11.txt 
- /var/log/tomcat8/catalina.out.1 
- /var/log/tomcat8/catalina.out 
 
#------------- Logstash output ------------------------ 
               output.logstash: 
               # The Logstash hosts 
               hosts: ["localhost:5044"] 
 
 
enter code here 

这是我的 .conf 文件

input { 
beats { 
port => 5044 
 
} 
 
filter { 
grok { 
  match => { "message" => "%{COMBINEDAPACHELOG}" } 
 
date { 
  match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ] 
 
 geoip { 
  source => "localhost" 
 
 } 
 
output { 
 elasticsearch { 
hosts => ["172.17.5.106:9200"] 
 
} 
 
curl -X GET "localhost:9200/_cat/indices?v" 
health status index                           uuid                   pri       rep docs.count docs.deleted store.size pri.store.size 
green  open   .monitoring-kibana-6-2019.09.11 gbOahp_KS56HZfeSVt0sgQ   1    0       8639            0        2mb            2mb 
green  open   .monitoring-es-6-2019.09.08     NmS7exwcQA-OTgAxVWtQBA   1   0     103690           40     38.1mb         38.1mb 
green  open   .monitoring-kibana-6-2019.09.08 JnOFYqNZRceaj5GA6WmL4Q   1   0       8639            0      1.9mb          1.9mb 
green  open   .monitoring-es-6-2019.09.11     CXhPOf6xSDiG9bnGs58SEQ   1   0     155586           84     62.4mb         62.4mb 
green  open   .monitoring-es-6-2019.09.12     RyhD98zwTVKPvl1BzDECug   1   0      64468          160     27.6mb         27.6mb 
green  open   .monitoring-es-6-2019.09.09     VUIiK99ESdaGMoIOKzvstg   1   0     121067           80     47.1mb         47.1mb 
green  open   .kibana_task_manager            KnCr7PerTyeFmwcwz0IamA   1   0          2            0     12.6kb         12.6kb 
green  open   .kibana_1                       Lu5oH-BgSheJdAwKGXutqw   1   0        198           34      378kb          378kb 
green  open   .monitoring-kibana-6-2019.09.07 te49nDoDQH2g12C3bOluvQ   1   0       8639            0      1.9mb          1.9mb 
green  open   .monitoring-es-6-2019.09.10     ne6d71h1Ri2fJ2joOxV4Yw   1   0     138256           60     54.1mb         54.1mb 
green  open   .monitoring-es-6-2019.09.07     I4Z0SlDjShabcVOl9oGJPQ   1   0      86414           42     31.6mb         31.6mb 
green  open   .monitoring-kibana-6-2019.09.09 ruXbntBHTl6yrSkj0tormg   1   0       8640            0        2mb            2mb 
green  open   .monitoring-kibana-6-2019.09.06 Go1pi-NhT8eVlKX2QgMMKA   1   0       3007            0    828.3kb        828.3kb 
green  open   .monitoring-es-6-2019.09.06     oCgFiC1dRr-wjw0tdGxlRw   1   0      24058           28      9.8mb          9.8mb 
green  open   .monitoring-kibana-6-2019.09.12 jr5nRZgtSAebP1jbCeQDxQ   1   0       3221            0    821.2kb        821.2kb 
green  open   .monitoring-kibana-6-2019.09.10 seRLoCjXRtGU9U3ZiSl2Fw   1   0       8639            0        2mb            2mb 

这是我的/var/log/filebeat/filebeat 文件

2019-09-11T17:12:04.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu":{"系统":{"ticks":27$ 2019-09-11T17:12:34.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27 $ 2019-09-11T17:13:04.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27 $ 2019-09-11T17:13:34.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27 $ 2019-09-11T17:14:04.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27 $ 2019-09-11T17:14:34.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27 $ 2019-09-11T17:15:04.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27 $ 2019-09-11T17:15:34.655+0530 INFO [monitoring] log/log.go:144 过去 30 秒内的非零指标 {"monitoring": {"metrics": {"beat":{"cpu": {“系统”:{“滴答声”:27$

这是我的/var/log/logstash/logstash-plain.log 文件

[2019-09-08T00:00:13,284][信息][logstash.runner] 启动 Logstash {"logstash.version"=>"6.8.3"} [2019-09-08T00:00:14,084][错误][logstash.agent] 无法执行操作 {:action=>LogStash::PipelineAction::Create/pipeline_id:main, :exception=>"LogStash::Config$ [2019-09-08T00:00:14,228][INFO][logstash.agent] 成功启动 Logstash API 端点 {:port=>9600} [2019-09-08T00:00:19,281][信息][logstash.runner] Logstash 关闭。 [2019-09-08T00:00:49,251][信息][logstash.runner] 启动 Logstash {"logstash.version"=>"6.8.3"}

请您参考如下方法:

你能确认你完整的 filebeat.yml 配置吗?看起来您缺少 filebeat 输出部分。

您可以查看您发布的 logz.io 链接或有关 logstash 输出的官方文档:https://www.elastic.co/guide/en/beats/filebeat/current/logstash-output.html

output.logstash: 
  hosts: ["localhost:5044"] 


评论关闭
IT序号网

微信公众号号:IT虾米 (左侧二维码扫一扫)欢迎添加!