{"id":187582,"date":"2020-11-08T05:04:41","date_gmt":"2020-11-07T21:04:41","guid":{"rendered":"http:\/\/4563.org\/?p=187582"},"modified":"2020-11-08T05:04:41","modified_gmt":"2020-11-07T21:04:41","slug":"%e8%8f%9c%e9%b8%9f%e9%97%ae%e4%b8%8b-elk%e3%80%81%e7%9f%a5%e8%af%86%e5%9b%be%e8%b0%b1%e3%80%81%e6%8e%a8%e8%8d%90%e7%ae%97%e6%b3%95%e7%9b%b8%e5%85%b3%e7%9a%84%e5%ba%94%e7%94%a8%e9%97%ae%e9%a2%98","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=187582","title":{"rendered":"\u83dc\u9e1f\u95ee\u4e0b ELK\u3001\u77e5\u8bc6\u56fe\u8c31\u3001\u63a8\u8350\u7b97\u6cd5\u76f8\u5173\u7684\u5e94\u7528\u95ee\u9898"},"content":{"rendered":"<div>\n<div>\n<div>\n<h1>                  \u83dc\u9e1f\u95ee\u4e0b ELK\u3001\u77e5\u8bc6\u56fe\u8c31\u3001\u63a8\u8350\u7b97\u6cd5\u76f8\u5173\u7684\u5e94\u7528\u95ee\u9898               <\/h1>\n<p> <\/p>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : ashiamd <\/span>  <span><i><\/i> 0<\/span> <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div isfirst=\"1\"> <\/p>\n<p>\u6700\u8fd1\u6709\u9700\u6c42\uff0c\u9700\u8981\u505a\u4e00\u4e2a\u65e5\u5fd7\u5206\u6790\u7cfb\u7edf=&gt;\u6253\u7b97\u7528 Elastic Stack \uff08 ELK+B \uff09\u6765\u5b9e\u73b0\uff0c\u4f46\u662f\u672c\u4eba\u8fd8\u5728\u5b66\u4e60\u9636\u6bb5\uff0c\u53ea\u77e5\u9053 B \u7528\u6765\u6570\u636e\u83b7\u53d6\uff0cL \u7528\u4e8e\u6570\u636e\u8fc7\u6ee4\uff0cE \u7528\u4e8e\u641c\u7d22+\u5206\u6790\uff0cK \u7528\u4e8e\u6570\u636e\u53ef\u89c6\u5316\u3002<\/p>\n<p>\u4e00\u3001\u4e2a\u4eba\u7406\u60f3\u8ba1\u5212\u5982\u4e0b\uff1a \uff08 1 \uff09 nginx \u7aef \u6216 \u5177\u4f53 java \u540e\u7aef\u8fdb\u7a0b\u4ea7\u751f\u7684 log \u65e5\u5fd7 -&gt; \u7528 Beats \u76f8\u5173\u6280\u672f\u76d1\u542c nginx \u7684 HTTP \u8bf7\u6c42 or \u83b7\u53d6 java \u65e5\u5fd7\u6587\u4ef6\uff1b\u63a5\u7740 beats \u4f20\u9012\u6570\u636e\u5230 kafka \u6d88\u606f\u961f\u5217<\/p>\n<p>\uff08 2 \uff09\u4ece kafka \u4e2d\u6d88\u8d39\u6570\u636e\uff0c\u6570\u636e\u7ed9 logstash \u8fdb\u884c\u6570\u636e\u8fc7\u6ee4\uff08\u53d8\u6210\u7b80\u5355\u683c\u5f0f\uff0c\u6bd4\u5982 IP\uff1aHTTP \u65b9\u6cd5\uff08 POST \u7b49\uff09\uff1a\u5177\u4f53\u65b9\u6cd5:{\u53c2\u6570\u5217\u8868\u4e4b\u7c7b\u7684}\uff1b\u63a5\u7740 logstash \u518d\u5c06\u8fc7\u6ee4\u540e\u7684\u6570\u636e\u7ed9\u53e6\u4e00\u4e2a kafka \u961f\u5217<\/p>\n<p>\uff08 3 \uff09\u4ece kafka \u6d88\u8d39\u6570\u636e\uff0c\u6570\u636e\u7ed9 ElasticSearch\uff0c\u8fdb\u884c\u6570\u636e\u5206\u6790\uff0c\u7136\u540e Kiana \u6570\u636e\u53ef\u89c6\u5316\u3002<\/p>\n<p>\u603b\u4f53\uff1anginx\/java \u8fdb\u7a0b \u65e5\u5fd7\u6765\u6e90 -&gt; beats -&gt; kafka -&gt; logstash -&gt; kafka -&gt; ElasticSearch -&gt; Kibana<\/p>\n<p>\u4e8c\u3001\u95ee\u9898 \uff08 1 \uff09\u6211\u81ea\u5df1\u60f3\u5f97\u6bd4\u8f83\u7406\u60f3\uff0c\u4f46\u636e\u8bf4\u4e0d\u9002\u5408\u7528 ElasticSearch \u5f53\u4f5c\u5b58\u50a8\uff0c\u4f46\u662f\u5c45\u7136\u8981\u5206\u6790\uff0c\u4e0d\u5c31\u4e0d\u5f97\u4e0d\u628a\u6570\u636e\u52a0\u8f7d\u5230\u5185\u5b58\u4e0a\u7684 ES \u4e0a\u5417\uff1f\u6709\u4ec0\u4e48\u907f\u514d\u5185\u5b58\u5360\u7528\u8fc7\u5927\u7684\u65b9\u6cd5\u5417\uff1f<\/p>\n<p>\uff08 2 \uff09\u4e0a\u9762\u53ea\u60f3\u4e86 ELK \u8fdb\u884c\u65e5\u5fd7\u5206\u6790\uff0c\u4f46\u662f\u540e\u7eed\u9700\u8981\u6839\u636e ELK \u7684\u65e5\u5fd7\u5206\u6790\u6765\u8fdb\u884c \u4e00\u4e9b\u4ea7\u54c1\u4e4b\u7c7b\u7684\u4e1c\u897f\u7684\u63a8\u8350\uff0c\u4e5f\u5c31\u662f\u6d89\u53ca\u63a8\u8350\u7cfb\u7edf\u7684\u642d\u5efa\uff0c\u4e2a\u4eba\u60f3\u6cd5\u5c31\u662f\u53ef\u80fd\u53ef\u4ee5\u6839\u636e\u65e5\u5fd7\u7684\u7528\u6237\u884c\u4e3a\uff0c\u6784\u5efa \u56fe\u6570\u636e\u5e93\uff0c\u7136\u540e\u6839\u636e\u56fe\u6570\u636e\u5e93\u8fdb\u884c\u7528\u6237\u7684\u4ea7\u54c1\u63a8\u8350\u4e4b\u7c7b\u7684\u3002\u4e0d\u77e5\u9053\u8fd9\u79cd\u60f3\u6cd5\u53ef\u884c\u4e0d\u53ef\u884c\u3002<\/p>\n<p>\uff08 3 \uff09\u8bf7\u6559\u4e00\u4e0b\u5404\u4f4d\u770b\u5b98\uff0cELK \uff08\u6b63\u5728\u5b66\uff09\u3001\u56fe\u6570\u636e\u5e93\uff08\u4e86\u89e3\u8fc7\uff0c\u6ca1\u7528\u8fc7\uff09\u3001\u63a8\u8350\u7b97\u6cd5\uff08\u8fd9\u4e2a\u6ca1\u4e86\u89e3\u8fc7\uff09\uff0c\u662f\u4e0d\u662f\u8fd9\u51e0\u4e2a\u90e8\u5206\u5c31\u80fd\u591f\u5b9e\u73b0\u4ee5\u4e0b\u51e0\u4e2a\u4e8b\u60c5\u4e86\uff1f\uff08\u65e5\u5fd7\u53ef\u89c6\u5316\u3001\u7528\u6237\u884c\u4e3a\u5206\u6790\u3001\u7528\u6237\u4ea7\u54c1\u63a8\u8350\uff09<\/p>\n<p>ps\uff1a\u672c\u4eba\u6bd4\u8f83\u83dc\uff0cELK \u3001\u56fe\u6570\u636e\u5e93\u76f8\u5173\u6982\u5ff5\u7a0d\u6709\u4e86\u89e3\uff0c\u4f46\u662f\u63a8\u8350\u7b97\u6cd5\u7eaf\u4e0d\u77e5\u9053\u3002<\/p>\n<\/p><\/div>\n<div> <b>\u5927\u4f6c\u6709\u8a71\u8aaa<\/b> (<span>7<\/span>)        <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<ul>\n<li data-pid=\"4079245\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : Morriaty <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             1. \u5148\u7528\u6700\u7b80\u5355\u7684 ELK\uff0cdocker \u73b0\u6210\u7684\uff0ckafka \u90fd\u4e0d\u8981\uff0c\u5feb\u901f\u9a8c\u8bc1\u5feb\u901f\u8bd5\u9519<br \/>2. \u771f\u8981\u8ba4\u771f\u505a\u63a8\u8350\u7cfb\u7edf\u5f53\u7136\u662f\u8981\u4e0a Hadoop \u3001spark \u8fd9\u4e9b\u7684\uff0c\u4e00\u822c\u6210\u719f\u7684\u7cfb\u7edf\u4e5f\u662f online\/nearline\/offline \u591a\u5c42\u67b6\u6784\u7684\uff0c\u6570\u636e\u5c42\u6bd4\u7b97\u6cd5\u5c42\u91cd\u8981<br \/>3. \u5927\u6570\u636e\u5f00\u53d1\u3001\u77e5\u8bc6\u56fe\u8c31\u3001\u641c\u7d22\u63a8\u8350\uff0c\u6bcf\u4e2a\u90fd\u662f\u8981\u6c42\u5f88\u9ad8\u7684\uff0c\u5982\u679c\u662f\u4e00\u4e2a\u4eba\u505a\uff0c\u73a9\u73a9\u5c31\u597d\uff0c\u4e0d\u8981\u671f\u671b\u592a\u9ad8&#8230;.                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"4079246\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : ashiamd <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u611f\u8c22\u56de\u590d\uff0c\u90a3\u610f\u601d\u662f\u5982\u679c\u4e0d\u4e0a\u5927\u6570\u636e\u6280\u672f\u7684\u8bdd\uff0c\u73b0\u9636\u6bb5\u5148\u53ea\u8003\u8651 ELK \u7684\u65e5\u5fd7\u884c\u4e3a\u5206\u6790\u5c31\u6700\u53ef\u884c\u7684\u65b9\u6848\uff1f\u5982\u679c\u56fe\u6570\u636e\u5e93\u548c\u63a8\u8350\u7cfb\u7edf\u9700\u8981\u5927\u6570\u636e\u6280\u672f\u652f\u6301\u7684\u8bdd\uff0c\u90a3\u786e\u5b9e\u73b0\u9636\u6bb5\u5b66\u4e60\u53ef\u80fd\u5403\u4e0d\u6d88\uff08\u5185\u5bb9\u592a\u591a\u4e86\uff09\u3002<\/p>\n<p>\u518d\u6b21\u611f\u8c22\u3002\u90a3\u6211\u73b0\u9636\u6bb5\u5c31\uff1a<br \/>\uff08 1 \uff09\u5148\u8003\u8651 ELK \u4f7f\u7528\uff08\u6211\u672c\u5730\u4e5f\u662f\u7528 docker\uff0c\u4f46\u662f\u67d0\u4e9b\u53c2\u6570\u53ef\u80fd\u8bbe\u7f6e\u6709\u4e9b\u95ee\u9898=&gt;\u4e4b\u540e\u518d\u81ea\u5df1\u89e3\u51b3\uff09<br \/>\uff08 2 \uff09\u6784\u5efa\u6574\u4e2a\u5b8c\u6574\u7684\u65e5\u5fd7\u5904\u7406\u6d41\u7a0b<br \/>\uff08 3 \uff09\u8003\u8651 LogStash \u8fc7\u6ee4\u540e\u5728 ElasticSearch \u4e0a\u5b58\u50a8\u7684\u6570\u636e\u7ed3\u6784\u8bbe\u8ba1<br \/>\uff08 4 \uff09\u6839\u636e\u201c\u6709\u7528\u201d\u7684\u4fe1\u606f\uff08\u80fd\u770b\u51fa\u5e73\u53f0\u7528\u6237\u7231\u597d\u8d8b\u5411\u7b49\u4fe1\u606f\uff09\u6784\u5efa kibana \u89c6\u56fe\u3002<\/p>\n<p>\u6839\u636e\u4ee5\u4e0a\u6d41\u7a0b\uff0c\u81f3\u5c11\u5c0f\u76ee\u6807\u5e94\u8be5\u80fd\u6839\u636e\u7528\u6237\u65e5\u5fd7\uff0c\u5927\u81f4\u901a\u8fc7 kibana \u7684\u56fe\u8868\u7b49\u5185\u5bb9\u6765\u4eba\u4e3a\u5206\u6790\u51fa\u5e73\u53f0\u7528\u6237\u7231\u597d\u3001\u6d41\u91cf\u8d70\u5411\u7b49\u5173\u952e\u4fe1\u606f\u3002                                                            <\/p><\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"4079247\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : ashiamd <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @Morriaty \u611f\u8c22\u56de\u590d\uff0c\u521a\u624d\u6ca1\u70b9\u5230 @\u7b26\u53f7\uff0c\u4e0a\u8865\u4e86\u4e00\u6761\u56de\u590d\u3002                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"4079248\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : yisany <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             log -&gt; beats -&gt; logstash -&gt; kafka -&gt; es<br \/>beats \u662f\u80fd\u591f\u76f4\u63a5\u5bf9\u63a5\u5230 logstash \u7684, \u4e0d\u9700\u8981 kafka \u505a\u4e2d\u8f6c(\u5f53\u7136\u4e5f\u53ef\u4ee5\u7528).<br \/>\u540c\u65f6 es \u867d\u7136\u5168\u6587\u641c\u7d22\u5f88\u5f3a, \u4f46\u4f60\u5982\u679c\u8981\u7528\u6765\u505a\u6570\u636e\u5206\u6790, \u662f\u4e0d\u5982 olap \u6570\u636e\u5e93\u7684                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"4079249\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : Morriaty <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u641c\u7d22\u63a8\u8350\u662f\u975e\u5e38\u9762\u5411\u4e1a\u52a1\u7684\uff0c\u4f60\u8981\u5148\u60f3\u597d\u4f60\u60f3\u5173\u5fc3\u7684\u6570\u636e\uff0c\u7136\u540e\u518d\u53bb\u53cd\u63a8\u4f60\u7684 scheme \/ mapping \u8bbe\u8ba1\uff0c\u6bd4\u5982\uff1a<\/p>\n<p>1. \u7528\u6237\u5173\u5fc3\u7684\u70ed\u95e8\u5185\u5bb9\uff0c\u90a3\u5c31\u9700\u8981\u4ece\u65e5\u5fd7\u91cc\u62bd\u53d6\u81f3\u5c11 content_id, user_id, tags\uff0c\u76ee\u524d\u7684\u6570\u636e\u91cc\u6709 tags \u5417\uff1f\u5982\u679c\u6ca1\u6709\uff0c\u6216\u8005\u6570\u636e\u91cf\u4e0d\u8db3\uff0c\u600e\u4e48\u62bd\u53d6\u5462\uff1f<br \/>2. \u7528\u6237\u7684\u5174\u8da3\u53d8\u5316\uff0c\u90a3\u8981\u518d\u52a0\u4e2a timestamp \u5b57\u6bb5\uff0c\u4e0a\u5468\u8fd8\u6ca1\u4eba\u9605\u89c8\u7684\u5185\u5bb9\uff0c\u8fd9\u5468\u66b4\u589e\u4e86\u5341\u500d<\/p>\n<p>\u8bf8\u5982\u6b64\u7c7b                                                            <\/p><\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"4079250\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : ashiamd <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @yisany \u611f\u8c22\u56de\u590d\uff0c\u6211\u5b66\u7684\u4e1c\u897f\u6bd4\u8f83\u5c11\uff0c\u7b2c\u4e00\u6b21\u542c\u8bf4 OLAP \u8fd9\u4e2a\u8bcd\uff0c\u67e5\u4e86\u4e0b\uff0c\u8c8c\u4f3c V2EX \u91cc\u6709\u4eba\u4e5f\u6709\u8fc7\u7c7b\u4f3c\u95ee\u9898\u3002<br \/>[OLAP \u6570\u636e\u5e93\u63a8\u8350]( https:\/\/www.v2ex.com\/t\/705920)<br \/>\u770b\u4e86\u4e0b\u65b9\u6709\u4eba\u9009\u62e9\u4e86 Druid\uff0c\u8bf4\u662f java \u5199\u7684\uff1f\u6216\u8bb8\u6211\u53ef\u4ee5\u53bb\u4e86\u89e3\u4e86\u89e3\u3002\uff08\u4e4b\u524d\u9879\u76ee\u91cc\u7528\u7684 Druid \u8fde\u63a5\u6c60\uff0c\u6211\u8fd8\u4ee5\u4e3a\u8fd9\u4e2a\u5c31\u662f\u4e2a\u8fde\u63a5\u6c60\uff0c\u539f\u6765 Apache Druid \u662f\u4e2a\u6570\u636e\u5e93\uff09                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"4079251\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : ashiamd <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @Morriaty \u597d\u7684\uff0c\u611f\u8c22\u4f60\u7684\u5b9d\u8d35\u610f\u89c1\u3002<br \/>\uff08 1 \uff09 tags\uff0c\u6570\u636e\u5e93\u73b0\u5728\u8fd8\u6ca1\u6709\u786e\u5b9a\u4e0b\u6765\uff0c\u4e0d\u8fc7\u5c45\u7136\u73b0\u5728\u77e5\u9053\u9700\u8981 tags \u4e86\uff0c\u4e4b\u540e\u5c31\u53ef\u4ee5\u8003\u8651\u5728\u54ea\u4e9b\u5185\u5bb9\u4e0a\u52a0\u4e86\u3002\uff08\u8c8c\u4f3c\u4e4b\u540e\u4f1a\u6709\u4e1a\u52a1\u662f\u6ce8\u518c\u767b\u5f55\u540e\uff0c\u5148\u8ba9\u7528\u6237\u9009\u62e9\u51e0\u4e2a\u611f\u5174\u8da3\u7684\u6807\u7b7e=&gt;\u73b0\u5728\u5f88\u591a app \u3001\u7f51\u7ad9\u7684\u5e38\u89c1\u6a21\u5f0f\uff09<br \/>\uff08 2 \uff09\u65f6\u95f4\u6233 timestamp\uff0c\u8fd9\u4e2a\u6211\u4e4b\u524d\u8fd8\u771f\u6ca1\u8003\u8651\u8fc7\u3002\u786e\u5b9e\u5982\u679c\u6ca1\u6709\u65f6\u95f4\u56e0\u7d20\u7684\u8bdd\uff0c\u5c31\u6ca1\u6cd5\u770b\u51fa\u7528\u6237\u5174\u8da3\u53d8\u5316\u4e86\u3002\uff08\u8fd9\u65b9\u9762\u7b2c\u4e00\u6b21\u63a5\u89e6\uff0c\u8fd8\u662f\u6ca1\u80fd\u60f3\u5168\uff09                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li>\n","protected":false},"excerpt":{"rendered":"<p>\u83dc\u9e1f\u95ee\u4e0b ELK\u3001\u77e5\u8bc6\u56fe\u8c31\u3001\u63a8\u8350\u7b97&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/187582"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=187582"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/187582\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=187582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=187582"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=187582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}