Elastic Stack 入门教程

ElasticSearch 与 Kibana

Beats 轻量型数据采集器

Filebeat
Packetbeat

Logstash

处理流程
Input => Filter => Output
File grok stdout
Redis mutate elastisearch
Beats drop redis
Kafka date kafka

使用 logstash 收集 nginx log 数据

ElasticSearch

Packetbeat 监听端口，采集log

logstash

input {
	beats: {prot => 5044}
}

filter {
	if "search" in [request]{
		grok {match => {}}
		grok {match => {}}
	}
}

output {
	if "search" in [request]{

	}
}

packetbeat