ELK Step by Step Guide

The following details how we install, start and run ELK, and prepare a report.
I installed ELK on Docker with the following steps:

Step 1
Check the status of Docker:

Step 2
I have created a "docker" folder on my machine.

Step 3
I have created three entries in the docker folder:
config
data
docker-compose.yml

Step 4
Then configure these with the following steps and data.
We can change this configuration to suit our requirements.
First, configure docker-compose.yml:
version: "2.0"
services:
  elk:
    image: sebp/elk:latest
    ports:
      - "5601:5601"
      - "9200:9200"
      - "5044:5044"
      - "9300:9300"
    volumes:
      - "/home/keenable/docker/data:/tmp/in_data"
      - "/home/keenable/docker/elastic:/var/lib/elasticsearch"
      - "/home/keenable/docker/config:/etc/logstash/conf.d"
    container_name: elk1
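
An added example, not part of the original post: the same compose file with its published ports bound to the loopback interface, so Kibana and Elasticsearch are reachable only from the Docker host rather than from every machine that can reach it. It assumes the browser runs on the Docker host, leaves 5044 and 9300 unpublished because the pipeline in this guide uses only a file input on a single node, and mounts the input data and pipeline configuration read-only.

```yaml
# Added example (not from the original post): same service, tighter exposure.
version: "2.0"
services:
  elk:
    image: sebp/elk:latest
    ports:
      # The short form "5601:5601" publishes on 0.0.0.0, that is, on every
      # interface of the Docker host.
      # Prefixing 127.0.0.1 keeps the port reachable from the host only.
      - "127.0.0.1:5601:5601"   # Kibana
      - "127.0.0.1:9200:9200"   # Elasticsearch HTTP API
      # 5044 (Beats input) and 9300 (Elasticsearch transport) are not
      # published: this guide reads a local CSV file on a single node.
    volumes:
      # :ro mounts the path read-only inside the container. Assumption:
      # Logstash only needs to read the CSV and the pipeline file
      # (sincedb_path is /dev/null, so nothing is written beside the data).
      - "/home/keenable/docker/data:/tmp/in_data:ro"
      - "/home/keenable/docker/elastic:/var/lib/elasticsearch"
      - "/home/keenable/docker/config:/etc/logstash/conf.d:ro"
    container_name: elk1
```

If another machine needs Kibana, an SSH tunnel or an authenticating reverse proxy in front of 127.0.0.1:5601 avoids publishing the port directly.
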

Next is the config file.
This is the main configuration file, where we define the path and details of the data.
I prepared a report of CPU and RAM, so I added a cpu_mem.conf file to the config folder. My configuration looks like this:

input {
  file {
    path => "/tmp/in_data/Heap_Mem_Data.csv"
    # Read the file from the start and keep no read position between runs
    start_position => "beginning"
    sincedb_path => "/dev/null"
  }
}
filter {
  csv {
    separator => ","
    columns => ["DATE","SERVER","RAM"]
  }
  mutate {
    # Store RAM as a number so it can be aggregated and charted
    convert => [ "RAM","float" ]
  }
  date {
    timezone => "Asia/Kolkata"
    # Sample DATE value: Aug-20-02:37:47
    match => ["DATE", "MMM-dd-HH:mm:ss", "ISO8601"]
    target => "date_time"
  }
}
output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "heap-memindex"
    document_type => "cpu-memdocsss"
  }
  # Also print each event to the container log as JSON
  stdout { codec => json }
}

Changes we can make in the above file:
path => "/tmp/in_data/Heap_Mem_Data.csv"  We can change this path and replace it with our own file name.
match => ["DATE", "MMM-dd-HH:mm:ss", "ISO8601"]  We can change this to our own date format.
index => "heap-memindex"  We can give this index any name.
document_type => "cpu-memdocsss"
In the "data" folder we copy the data for which we want a report.

Step 5
We run the following command:
keenable@keenable:~/docker$ sudo docker-compose up
This command installs ELK if it is not yet installed, and runs it.

Step 6
Add Elasticsearch in Chrome.
We can change the port number (default 9200).
Then run Kibana. If it runs successfully, the data file is shown in the index.

Waiting for comments.

Nice article for beginners. Thank you.