ELK overview

  • Elasticsearch is an open-source distributed search engine. Its features include distributed operation, zero configuration, automatic node discovery, index sharding, index replication, a RESTful interface, multiple data sources and automatic search load balancing.

  • Logstash is a fully open-source tool that collects, filters and stores your logs for later use (for example, searching).

  • Kibana is also an open-source, free tool that provides a log-analysis-friendly web interface for Logstash and Elasticsearch, helping you aggregate, analyze and search important log data.

ELK download and install

ELK download address: www.elastic.co/downloads/

Running on Linux is recommended, since ELK is not well supported on Windows. JDK 1.8 is also required, so install the JDK in advance.

After downloading, install each component; taking Logstash as an example:

cd /usr/local/
# extract the downloaded archive (assumed to be in /usr/local/)
tar -zxvf logstash-5.3.2.tar.gz
# mv creates /usr/local/logstash itself; creating that directory first would move the
# extracted tree into /usr/local/logstash/logstash-5.3.2 instead
mv logstash-5.3.2 /usr/local/logstash

Configure and start Elasticsearch

Open the Elasticsearch configuration file:

vim config/elasticsearch.yml

Modify the configuration:

# elasticsearch.yml is YAML, so settings use "key: value"; the HTTP listener port is http.port
network.host: localhost
http.port: 9200

These are the defaults; with no special requirements there is no need to change them for a local setup.

Start Elasticsearch

# from the Elasticsearch home directory
./bin/elasticsearch

Open http://localhost:9200 in a browser and you should see a response like this:

{
  "name" : "56IrTCM",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "e4ja7vS2TIKI1BsggEAa6Q",
  "version" : {
    "number" : "5.2.2",
    "build_hash" : "f9d9b74",
    "build_date" : "2017-02-24T17:??:??.835Z",
    "build_snapshot" : false,
    "lucene_version" : "6.4.1"
  },
  "tagline" : "You Know, for Search"
}
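A node on this version has no authentication layer by default, so the network.host setting above is what keeps it off the network. As an added example (not code from the original post), a small Python check that parses elasticsearch.yml-style lines, reports whether the listener is loopback-only, and extracts the node summary from the GET / response; it assumes flat "key: value" settings and constructs its own sample inputs.

```python
"""Check elasticsearch.yml bind settings and summarise the GET / response.

Assumptions (not from the original post): settings are flat YAML
'key: value' lines, and the node runs without any authentication layer,
so anything other than a loopback bind exposes it to the network.
"""
import ipaddress
import json

# Defaults as stated on the page: loopback interface, HTTP port 9200.
DEFAULTS = {"network.host": "localhost", "http.port": "9200"}
LOOPBACK_NAMES = {"localhost", "_local_", "127.0.0.1", "::1"}


def parse_settings(yaml_text):
    """Parse flat 'key: value' lines; comments and blank lines are ignored."""
    settings = dict(DEFAULTS)
    for raw in yaml_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        key, value = line.split(":", 1)
        settings[key.strip()] = value.strip().strip("'\"")
    return settings


def is_loopback_only(settings):
    """True when the HTTP listener can only be reached from this machine."""
    host = settings["network.host"]
    if host in LOOPBACK_NAMES:
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # special values such as _site_ or a hostname
        return False


def node_summary(response_text):
    """Pull name, cluster and version out of the JSON returned by GET /."""
    info = json.loads(response_text)
    return {"name": info["name"], "cluster": info["cluster_name"],
            "version": info["version"]["number"]}


# Constructed samples: the page's default settings and an exposed variant.
SAMPLE_YML = "network.host: localhost\nhttp.port: 9200\n"
EXPOSED_YML = "network.host: 0.0.0.0  # listens on every interface\nhttp.port: 9200\n"
SAMPLE_INFO = ('{"name": "node-1", "cluster_name": "elasticsearch", '
               '"version": {"number": "5.2.2"}, "tagline": "You Know, for Search"}')

if __name__ == "__main__":
    for label, text in (("default", SAMPLE_YML), ("exposed", EXPOSED_YML)):
        s = parse_settings(text)
        state = "loopback-only" if is_loopback_only(s) else "REACHABLE FROM THE NETWORK"
        print(f"{label}: {s['network.host']}:{s['http.port']} -> {state}")
    print(node_summary(SAMPLE_INFO))
```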

Configure and start Logstash

In the Logstash home directory:

vim config/log4j_to_es.conf

Edit log4j_to_es.conf as follows:

input {
  log4j {
    mode => "server"      # listen for log4j SocketAppender connections
    host => "localhost"
    port => 4560
  }
}
filter {
  # Only matched data is sent to output.
}
output {
  elasticsearch {
    action => "index"           # the operation on ES
    hosts  => "localhost:9200"  # Elasticsearch host, can be an array
    index  => "applog"          # the index to write data to
  }
}

Start Logstash after modifying the configuration:

./bin/logstash -f config/log4j_to_es.conf