2021年4月25日 (日) 06:22的版本

install

elk download

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.4.3.tar.gz  

https://artifacts.elastic.co/downloads/kibana/kibana-6.4.2-linux-x86_64.tar.gz

https://artifacts.elastic.co/downloads/logstash/logstash-6.4.2.tar.gz

二进制包

jdk ins

RPM

#set java environment 如果是rpm安装
JAVA_HOME=/usr/java/jdk1.8.0_121
JRE_HOME=/usr/java/jdk1.8.0_121/jre
CLASS_PATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
export JAVA_HOME JRE_HOME CLASS_PATH PATH

tar.gz

tomcat 自带

yum install tomcat -y  #这些比较懒 这样自动上了openjdk

[root@localhost ~]# java -version 
openjdk version "1.8.0_212"
OpenJDK Runtime Environment (build 1.8.0_212-b04)
OpenJDK 64-Bit Server VM (build 25.212-b04, mixed mode)

elasticsearch ins



tar xvf  elasticsearch-6.4.3.tar.gz
mv elasticsearch-6.4.3/   /usr/local/elasticsearch/


vim elasticsearch.yml 修改配置文件，在最下面加入如下几行

network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"

注意，root用户是不能直接启动elasticsearch的，需要新建用户，然后切换用户去启动elasticsearch，如下：
创建elsearch用户组及elsearch用户

groupadd elsearch
useradd elsearch -g elsearch -p elasticsearch

更改elasticsearch文件夹及内部文件的所属用户及组为elsearch:elsearch
chown -R elsearch:elsearch

切换到elsearch用户再启动

su elsearch
cd elasticsearch/bin
bash elasticsearch &

systemctl stop firewalld 
systemctl disable firewalld



配置管理
Elasticsearch一般不需额外配置，但是为了提高Elasticsearch性能可以通过elasticsearch.yml文件修改配置参数。当然，也可以根据用户系统配置降低配置参数，如jvm.heapsize。Elasticsearch默认占用2G内存，对于系统配置较低的服务器，很可能带来负载过大的问题，因此需要适当减少jvm.heapsize

nginx ins

 vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1

 yum install nginx -y #或者你用 yum install epel-release




 vi /etc/nginx/nginx.conf#修改nginx的日志默认输出格式
log_format json '{"@timestamp":"$time_iso8601",'
             '"@version":"1",'
             '"client":"$remote_addr",'
             '"url":"$uri",'
             '"status":"$status",'
             '"domian":"$host",'
             '"host":"$server_addr",'
             '"size":"$body_bytes_sent",'
             '"responsetime":"$request_time",'
             '"referer":"$http_referer",'
             '"ua":"$http_user_agent"'
          '}';
     #access_log  /opt/access.log json;
    access_log  /var/log/nginx/access.log  json;

https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-centos-7

https://www.cyberciti.biz/faq/how-to-install-and-use-nginx-on-centos-7-rhel-7/

Kibana

install


#kibana主要是搜索elasticsearch的数据，并进行数据可视化的展现，新版使用nodejs
* kibana配置启动
[root@localhost kibana]# pwd
/usr/local/kibana

vim config/kibana.yml

server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: "http://localhost:9200"
kibana.index: ".kibana"

cd bin/
sh kibana &   启动kibana

启动完毕，可以浏览器输入url:   服务器外网ip:5601 查看是否成功启动：

http://192.168.88.52:5601/app/kibana#/home?_g=()


配置********
Kibana配置可以通过命令行参数或配置文件kibana.yml。Kibana应用的默认地址为localhost，无法从远程访问Kibana，因此，用户需要修改配置文件的server.host属性

配置nginx，为kibana配置反向代理

server{

        listen       80;

        server_name  elk.com;

        location / {

       proxy_set_header Host $host;

        proxy_pass http://localhost:5601;

        }

Logstash


 mv  logstash-6.4.2/  /usr/local/logstash/
cd /usr/local/logstash/bin/


#用这个nginx的
 cat /usr/local/logstash/config/nginx.conf 
input {
    file {
        path => "/var/log/nginx/access.log"
        type => "nginx"
        codec => "json"
        start_position => "beginning"
    }
}

filter {
    geoip {
        fields => ["city_name", "country_name", "latitude", "longitude", "region_name","region_code"]
        source => "client"
    }
}

output {
    if [type] == "nginx" {
        elasticsearch {
            hosts => ["127.0.0.1:9200"]
            index => "nelson-nginx-%{+YYYY.MM.dd}"
        }
        stdout {}
    }
}

# 是Elasticsearch 的ip哦 千万不能写错啦  线上的情况一般是l 和ek 不在同一个机器

# hosts => ["127.0.0.1:9200"]  

./bin/logstash -f ./config/nginx.conf

访问nginx 就会 在控制台看到如下输出

    "@timestamp" => 2019-05-31T08:26:26.000Z,
          "domian" => "192.168.88.52",
            "size" => "0",
              "ua" => "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
           "geoip" => {},
            "tags" => [
        [0] "_geoip_lookup_failure"
    ],
          "status" => "304",
         "referer" => "-",
            "path" => "/var/log/nginx/access.log",
             "url" => "/index.html",
            "type" => "nginx",
          "client" => "192.168.88.4",
            "host" => "192.168.88.52",
        "@version" => "1",
    "responsetime" => "0.000"
}

启动脚本

add redis

docker

使用Docker快速部署ELK环境（最新5.5.1版本）

Docker ElK安装部署使用教程

usage

tomcat logs


Step 1 of 2: Define index pattern
Index pattern

nelson-nginx-*   #因为前面的output index => "nelson-nginx


Step 2 of 2: Configure settings
@timestamp


#这个老的
Step 1 of 2: Define index pattern
Index pattern
logstash-*

有这些字些Success!  Your index pattern matches 1 index

Step 2 of 2: Configure settings

elk部署配置，收集nginx和tomcat日志

ELK收集tomcat状态日志

logstash配置mysql数据同步到elasticsearch

ELK 之三：Kibana 使用与Tomcat、Nginx 日志格式处理

安全

nginx代理

1.安装nginx
2.安装Apache密码生产工具 httpd-tools
3.生成密码文件
4.配置Nginx
5.修改 kibna配置文件
6.重启kibna,Nginx
查看登录界面

06-使用 Nginx 做 kibana 安全认证1

x-pack

官方提供x-pack组件，进行安全防护，报表，集群实时监控。

只安装x-pack中的Shield

只是对 kibna放在公网 对kibna进行登录验证的话，可以用nginx 代理功能

1.nginx代理
2.使用Shield
3.x-pack组件

ELK的安全加固good

ELK安全配置

Elasticsearch 安全加固 101

ElasticSearch&Search-guard 5 权限配置

elk设置密码，elasticsearch设置密码

集群

trouble


max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
elasticsearch启动时遇到的错误

问题翻译过来就是：elasticsearch用户拥有的内存权限太小，至少需要262144；

/etc/sysctl.conf文件最后添加一行

vm.max_map_count=262144


[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]

max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]

　　每个进程最大同时打开文件数太小，可通过下面2个命令查看当前数量

ulimit -Hn
ulimit -Sn
　　修改/etc/security/limits.conf文件，增加配置，用户退出后重新登录生效

 *               soft    nofile          65536
 *               hard    nofile          65536

https://blog.csdn.net/qq942477618/article/details/53414983

https://www.jianshu.com/p/89f8099a6d09 Elasticsearch5.2.0部署过程的坑

https://www.cnblogs.com/yidiandhappy/p/7714489.html

https://www.cnblogs.com/zhi-leaf/p/8484337.html

页面“Unlock Bootloader, Install LineageOS ,TWRP and Root Essential PH-1”与“Elk基础”之间的差异

2021年4月25日 (日) 06:22的版本

目录

install

elk download

二进制包

jdk ins

RPM

tar.gz

tomcat 自带

elasticsearch ins

nginx ins

Kibana

install

配置nginx，为kibana配置反向代理

Logstash

启动脚本

add redis

docker

usage

tomcat logs

logstash配置mysql数据同步到elasticsearch

安全

nginx代理

x-pack

集群

trouble

see also

导航菜单

个人工具

名字空间

变种

视图

更多

搜索

导航

我的导航

工具

@@ 第1行： / 第1行： @@
-=站内资源=
+=install=
-[[Android刷机Nexus5刷机]]
+==elk download==
+<pre>
+wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.4.3.tar.gz
-=Fastboot mode=
+https://artifacts.elastic.co/downloads/kibana/kibana-6.4.2-linux-x86_64.tar.gz
-Put your Essential Phone into fastboot mode by doing either of the following:
-• Use the ADB tool packaged above to run the command:
+https://artifacts.elastic.co/downloads/logstash/logstash-6.4.2.tar.gz
-  adb reboot bootloader
+</pre>
-Reboot your phone while holding the Volume-down button
+==二进制包 ==
+===jdk ins===
+==== RPM ====
+<pre>
+#set java environment 如果是rpm安装
+JAVA_HOME=/usr/java/jdk1.8.0_121
+JRE_HOME=/usr/java/jdk1.8.0_121/jre
+CLASS_PATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
+PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
+export JAVA_HOME JRE_HOME CLASS_PATH PATH
-=Enable unlocking and Unlock your bootloader =
+</pre>
-==Enable unlocking ==
-Find the option: OEM Unlocking and turn it on
+==== tar.gz====
-== Unlock your bootloader ==
+====tomcat 自带 ====
-Run the command:
+<pre>
-  adb reboot bootloader
+yum install tomcat -y  #这些比较懒 这样自动上了openjdk
- fastboot flashing unlock
-• Press the Volume-down button to navigate to the YES option, then press the Power button to confirm
+[root@localhost ~]# java -version
+openjdk version "1.8.0_212"
+OpenJDK Runtime Environment (build 1.8.0_212-b04)
+OpenJDK 64-Bit Server VM (build 25.212-b04, mixed mode)
+</pre>
-=Flash the TWRP into  essential =
+===elasticsearch ins===
+<pre>
-[https://doc-00-9s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ctk8lmbjhebr5f987q4us4gv5m56i9lf/1517472000000/14260627717518624942/*/1BU5splgIxsqYtki4t3zG297ZGxZDizsS?e=download  NMI81C-TWRP.img下载]
-[https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445 magisk下载]
+tar xvf  elasticsearch-6.4.3.tar.gz
+mv elasticsearch-6.4.3/   /usr/local/elasticsearch/
+vim elasticsearch.yml 修改配置文件，在最下面加入如下几行
+network.host: 0.0.0.0
+http.port: 9200
+http.cors.enabled: true
+http.cors.allow-origin: "*"
+注意，root用户是不能直接启动elasticsearch的，需要新建用户，然后切换用户去启动elasticsearch，如下：
+创建elsearch用户组及elsearch用户
+groupadd elsearch
+useradd elsearch -g elsearch -p elasticsearch
+更改elasticsearch文件夹及内部文件的所属用户及组为elsearch:elsearch
+chown -R elsearch:elsearch
+切换到elsearch用户再启动
+su elsearch
+cd elasticsearch/bin
+bash elasticsearch &
+systemctl stop firewalld
+systemctl disable firewalld
+配置管理
+Elasticsearch一般不需额外配置，但是为了提高Elasticsearch性能可以通过elasticsearch.yml文件修改配置参数。当然，也可以根据用户系统配置降低配置参数，如jvm.heapsize。Elasticsearch默认占用2G内存，对于系统配置较低的服务器，很可能带来负载过大的问题，因此需要适当减少jvm.heapsize
+</pre>
+=== nginx ins===
 <pre>
-adb reboot bootloader
+ vi /etc/yum.repos.d/nginx.repo
-或者手工进入
+[nginx]
+name=nginx repo
+baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
+gpgcheck=0
+enabled=1
+ yum install nginx -y #或者你用 yum install epel-release
-输入以下指令
-fastboot devices -l
-若出来一串序列号，说明安卓设备已连接
-刷入TWRP
-成功
-fastboot flash boot   NMI81C-TWRP.img
-失败 老的用法
+ vi /etc/nginx/nginx.conf#修改nginx的日志默认输出格式
-fastboot flash recovery twrp-mata_2.im
+log_format json '{"@timestamp":"$time_iso8601",'
+             '"@version":"1",'
+             '"client":"$remote_addr",'
+             '"url":"$uri",'
+             '"status":"$status",'
+             '"domian":"$host",'
+             '"host":"$server_addr",'
+             '"size":"$body_bytes_sent",'
+             '"responsetime":"$request_time",'
+             '"referer":"$http_referer",'
+             '"ua":"$http_user_agent"'
+          '}';
+     #access_log  /opt/access.log json;
+    access_log  /var/log/nginx/access.log  json;
-Installing  Magisk from recovery
-Wipe the device
-In the TWRP Home menu, select Wipe > Advanced Wipe. Select Dalvik / ART Cache, System, Data, and Cache. Do not select the Internal Storage otherwise you will lose the data. Then Swipe to Wipe.
-有一次wifi打不开居然是这个原因
-可能要用的命令
- adb shell twrp sideload
- adb sideload Magisk-v15.3.zip
 </pre>
+https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-centos-7
-=essential Install LineageOS =
+https://www.cyberciti.biz/faq/how-to-install-and-use-nginx-on-centos-7-rhel-7/
-最好是卡刷 在第一次之后不用电脑了 不过用官方的 recovery 就行了  fastboot 没成功呢
-==download package==
+===Kibana  ===
-=== LineageOS installation package  ===
+====install====
-https://download.lineageos.org/mata
+<pre>
- 选择 Recovery image lineage-17.1-20201116-recovery-mata.img
-=== Google Apps (use the arm64 architecture)===
+#kibana主要是搜索elasticsearch的数据，并进行数据可视化的展现，新版使用nodejs
-https://wiki.lineageos.org/gapps.html  -->https://wiki.lineageos.org/gapps.html   -->platform: ARM64   android:10  Variant:stock
+* kibana配置启动
+[root@localhost kibana]# pwd
+/usr/local/kibana
+vim config/kibana.yml
+server.port: 5601
+server.host: "0.0.0.0"
+elasticsearch.url: "http://localhost:9200"
+kibana.index: ".kibana"
+cd bin/
+sh kibana &   启动kibana
+启动完毕，可以浏览器输入url:   服务器外网ip:5601 查看是否成功启动：
+http://192.168.88.52:5601/app/kibana#/home?_g=()
-==操作 ==
-===Basic requirements===
-has adb and fastboot ;Enable USB debugging
-===Unlocking the bootloader===
+配置********
+Kibana配置可以通过命令行参数或配置文件kibana.yml。Kibana应用的默认地址为localhost，无法从远程访问Kibana，因此，用户需要修改配置文件的server.host属性
+</pre>
-===Installing LineageOS from recovery===
+====配置nginx，为kibana配置反向代理 ====
-====If you are not in recovery, reboot into recovery:====
-    With the device powered off, hold Volume Up + Power.
-====Factory Reset ====
-Now tap Factory Reset, then Format data / factory reset and continue with the formatting process. This will remove encryption and delete all files stored in the internal storage, as well as format your cache partition (if you have one).
-Return to the main menu.
-中文意思就是选择 Factory Reset 再选择 Format data 下的 factory 出产重置  ,最后再返回主菜单
-====Sideload the LineageOS .zip package:====
 <pre>
-    On the device, select “Apply Update”, then “Apply from ADB” to begin sideload.
+server{
-    On the host machine, sideload the package using: adb sideload filename.zip
+        listen       80;
+        server_name  elk.com;
+        location / {
+       proxy_set_header Host $host;
+        proxy_pass http://localhost:5601;
+        }
-我在power shell执行的如下 时间 09:53- 09:55   47%  有No error
-PS G:\>  adb sideload  .\open_gapps-arm64-10.0-stock-20201118.zip
-opening '.\open_gapps-arm64-10.0-stock-20201118.zip'...
-connecting...
 </pre>
-==== g ====
+===Logstash===
 <pre>
-(Optionally): If you want to install any additional add-ons, click Advanced, then Reboot to Recovery, then when your device reboots, click Apply Update, then Apply from ADB, then adb sideload filename.zip those packages in sequence.
-info_outline
-Note: Additional add-ons aren’t signed with LineageOS’s official key, and therefore when they are sideloaded, Lineage Recovery will present a screen that says Signature verification failed, this is expected, please click Continue.
-info_outline
-Note: If you want Google Apps on your device, you must follow this step before booting into LineageOS for the first time!
-我的命令  注意 中间可能提示有错什么的 按yes    时间 09:56-10:04
+  mv  logstash-6.4.2/  /usr/local/logstash/
-PS G:\>  adb sideload  .\open_gapps-arm64-10.0-stock-20201118.zip
+cd /usr/local/logstash/bin/
-opening '.\open_gapps-arm64-10.0-stock-20201118.zip'...
-connecting...
-serving: '.\open_gapps-arm64-10.0-stock-20201118.zip'  (~47%)    * failed to read command: No error
+#用这个nginx的
-PS G:\>
+ cat /usr/local/logstash/config/nginx.conf
+input {
+    file {
+        path => "/var/log/nginx/access.log"
+        type => "nginx"
+        codec => "json"
+        start_position => "beginning"
+    }
+}
+filter {
+    geoip {
+        fields => ["city_name", "country_name", "latitude", "longitude", "region_name","region_code"]
+        source => "client"
+    }
+}
+output {
+    if [type] == "nginx" {
+        elasticsearch {
+            hosts => ["127.0.0.1:9200"]
+            index => "nelson-nginx-%{+YYYY.MM.dd}"
+        }
+        stdout {}
+    }
+}
+# 是Elasticsearch 的ip哦 千万不能写错啦  线上的情况一般是l 和ek 不在同一个机器
+# hosts => ["127.0.0.1:9200"]
+./bin/logstash -f ./config/nginx.conf
+访问nginx 就会 在控制台看到如下输出
+    "@timestamp" => 2019-05-31T08:26:26.000Z,
+          "domian" => "192.168.88.52",
+            "size" => "0",
+              "ua" => "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
+           "geoip" => {},
+            "tags" => [
+        [0] "_geoip_lookup_failure"
+    ],
+          "status" => "304",
+         "referer" => "-",
+            "path" => "/var/log/nginx/access.log",
+             "url" => "/index.html",
+            "type" => "nginx",
+          "client" => "192.168.88.4",
+            "host" => "192.168.88.52",
+        "@version" => "1",
+    "responsetime" => "0.000"
+}
-#注意  这里有时可能要 Factory Reset一下才能进入系统
-Once you have installed everything successfully, click the back arrow in the top left of the screen, then “Reboot system now”.
 </pre>
-==lineageos see also==
+===启动脚本===
-这个是官方文档了 看它就对了
+==add redis ==
-https://wiki.lineageos.org/devices/mata/install
-https://lineageosroms.com/ph-1-mata/
+==docker==
+<pre>
+</pre>
-https://wiki.lineageos.org/devices/#essential
-https://download.lineageos.org/mata
-http://debian.ustc.edu.cn/lineageos/full/mata/20201026/
+[https://blog.csdn.net/gongxsh00/article/details/77001603 使用Docker快速部署ELK环境（最新5.5.1版本）]
+[https://www.cnblogs.com/soar1688/p/6849183.html Docker ElK安装部署使用教程]
+=usage=
+==tomcat logs==
 <pre>
+Step 1 of 2: Define index pattern
+Index pattern
-屏没反应 刷新没成功 线刷
+nelson-nginx-*   #因为前面的output index => "nelson-nginx
-fastboot flash boot <recovery_filename>.img
-win下报错
-sending 'boot' (25737 KB)...
-FAILED (remote: Requested download size is more than max allowed
+Step 2 of 2: Configure settings
+@timestamp
-重启 adb reboot (-n)
-关机 adb shell reboot -p
+#这个老的
+Step 1 of 2: Define index pattern
+Index pattern
+logstash-*
+有这些字些Success!  Your index pattern matches 1 index
+Step 2 of 2: Configure settings
 </pre>
-https://wiki.lineageos.org/devices/mata/install
-==gapps==
+[https://blog.csdn.net/ZHANG_H_A/article/details/53129565 elk部署配置，收集nginx和tomcat日志]
-stock 好用啦对我来说
-==android10 放弃 后面不更新了==
+[https://www.cnblogs.com/FengGeBlog/p/10558912.html ELK收集tomcat状态日志]
+==logstash配置mysql数据同步到elasticsearch==
+[https://www.cnblogs.com/zhang-shijie/p/5384624.html ELK 之三：Kibana 使用与Tomcat、Nginx 日志格式处理]
+=安全=
+==nginx代理==
 <pre>
-Pixel (128 GB, Quite Black)
+.安装nginx
-$649.00
+.安装Apache密码生产工具 httpd-tools
-Qty: 1
+.生成密码文件
-Serial: 35268908313212
+.配置Nginx
+.修改 kibna配置文件
+.重启kibna,Nginx
+查看登录界面
+</pre>
+[https://www.linuxgogo.com/1873.html 06-使用 Nginx 做 kibana 安全认证1]
+==x-pack==
+<pre>
+官方提供x-pack组件，进行安全防护，报表，集群实时监控。
+只安装x-pack中的Shield
+只是对 kibna放在公网 对kibna进行登录验证的话，可以用nginx 代理功能
+.nginx代理
+.使用Shield
+.x-pack组件
+</pre>
-english
+[https://www.jianshu.com/p/d4b19b5150dc ELK的安全加固good]
+[https://blog.csdn.net/qq_24434491/article/details/80820275 ELK安全配置]
-先 邻居借线吧
+[https://elasticsearch.cn/article/129 Elasticsearch 安全加固 101]
-然后先备份
+[https://www.jianshu.com/p/5a42b3560b27 ElasticSearch&Search-guard 5 权限配置]
-February 2020 Security Update
+[https://blog.csdn.net/qq_41980563/article/details/88725584 elk设置密码，elasticsearch设置密码]
-[https://storage.googleapis.com/essential-static/PH1-OTA-QQ1A.200105.032.zip OTA Package: PH1-OTA-QQ1A.200105.032.zip]
-[https://storage.googleapis.com/essential-static/PH1-Images-QQ1A.200105.032.zip Factory Image: PH1-Images-QQ1A.200105.032.zip]
-Method 1: Sideload Android 10 OTA using Stock Recovery
+=集群=
+=trouble=
+<pre>
+max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
+elasticsearch启动时遇到的错误
-Method 2: Flash Android 10 Factory Image using Fastboot
+问题翻译过来就是：elasticsearch用户拥有的内存权限太小，至少需要262144；
-Important Note: This method will wipe all the data stored on your phone, including the internal storage. So, make sure that you take a full backup first!
+/etc/sysctl.conf文件最后添加一行
+vm.max_map_count=262144
-首先 手机备份相关信息
+[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
- 解决安卓 linux adb 连接机器提示 no permissions 的问题
+max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
-问题描述
-adb devices
+　　每个进程最大同时打开文件数太小，可通过下面2个命令查看当前数量
-no permission (user xxx is not in the plugdev group); see [http://developer.android.com/tools/device.html]
-复制代码
-解决方案
+ulimit -Hn
+ulimit -Sn
+　　修改/etc/security/limits.conf文件，增加配置，用户退出后重新登录生效
-    使用下列方式启动 adb
+ *               soft    nofile          65536
+ *               hard    nofile          65536
-    adb kill-server #我用了这个就好了
+https://blog.csdn.net/qq942477618/article/details/53414983
-    cd the-path-your-sdk-adb
-    sudo ./adb kill-server
-    sudo ./adb kill-server
+https://www.jianshu.com/p/89f8099a6d09 Elasticsearch5.2.0部署过程的坑
-adb进入recovery 以及fastboot模式
+https://www.cnblogs.com/yidiandhappy/p/7714489.html
-开机状态下：
+https://www.cnblogs.com/zhi-leaf/p/8484337.html
+</pre>
-adb reboot fastboot   命令进入fastboot模式
+=see also=
-adb reboot recovery　命令行进recovery模式
+[https://zhuanlan.zhihu.com/p/22400290 ELK不权威指南]
-power +　音量下　recovery 模式
+[https://blog.csdn.net/yp090416/article/details/81589174 good ELK+logback+kafka+nginx 搭建分布式日志分析平台]
-关机状态下：
+[https://blog.csdn.net/li123128/article/details/81052374 小白都会超详细--ELK日志管理平台搭建教程]
-power + 音量下 recovery 模式
-power + 音量上 fastboot 模式
-recovery 模式下可以选择进入fastboot 模式
-root@latop:~# adb reboot recovery
+[https://blog.51cto.com/wzlinux/category21.html ELK 教程]
-root@latop:~# adb devices
-List of devices attached
-PM1LHMA792000781	recovery
-root@latop:~# cd /home/evan/iso/
-adb sideload  PH1-OTA-QQ1A.200105.032.zip
+https://www.elastic.co/guide/cn/index.html
-默认位置可能是/目录，我们需要找到内置存储/sdcard/的位置。
-（UP A Level）为返回上级目录功能
-</pre>
+[https://blog.csdn.net/tanqian351/article/details/83827583 ELK搭建教程(全过程)]
+[https://www.cnblogs.com/xiaoqi/p/elk-part1.html ELK日志套件安装与使用ubuntu]
+[https://www.jianshu.com/p/666c662f0068 ELK日志分析系统初体验]
+[https://www.elastic.co/guide/cn/kibana/current/introduction.html kibana基础教程]
+[https://blog.csdn.net/mjlfto/article/details/79772848 elasticsearch集成head插件查看es的数据]
+***
+[https://blog.csdn.net/buqutianya/article/details/71941351 日志系统ELK使用详解(一)--如何使用]
+[https://blog.csdn.net/buqutianya/article/details/72019264 日志系统ELK使用详解(二)--Logstash安装和使用]
+[https://blog.csdn.net/buqutianya/article/details/72026768 日志系统ELK使用详解(三)--elasticsearch安装]
+[https://blog.csdn.net/buqutianya/article/details/72027209 日志系统ELK使用详解(四)--kibana安装和使用]
+[https://blog.csdn.net/buqutianya/article/details/72028868 日志系统ELK使用详解(五)--补充]
+[https://www.cnblogs.com/zhang-shijie/p/5303905.html ELK 之一：ElasticSearch 基础和集群搭建]
+[https://www.cnblogs.com/zhang-shijie/p/5377127.html ELK 之二：ElasticSearch 和Logstash高级使用]
+[https://www.cnblogs.com/zhang-shijie/p/5384624.html ELK 之三：Kibana 使用与Tomcat、Nginx 日志格式处理]
+[https://www.cnblogs.com/zhang-shijie/p/5464805.html ELK 之四：搭建集群处理日PV 四亿次超大访问量优化方法]
-https://www.thecustomdroid.com/download-install-essential-phone-android-10-q-update/
+[https://www.cnblogs.com/xuwujing/p/11567053.html  ElasticSearch实战系列二: ElasticSearch的DSL语句使用教程---图文详解]
-February 2020 Security Update
+[https://www.cnblogs.com/xuwujing/p/11645630.html ElasticSearch实战系列三: ElasticSearch的JAVA API使用教程]
-[https://storage.googleapis.com/essential-static/PH1-OTA-QQ1A.200105.032.zip OTA Package: PH1-OTA-QQ1A.200105.032.zip]
-[https://storage.googleapis.com/essential-static/PH1-Images-QQ1A.200105.032.zip Factory Image: PH1-Images-QQ1A.200105.032.zip]
-Method 1: Sideload Android 10 OTA using Stock Recovery
+[https://www.cnblogs.com/xuwujing/p/12093933.html ElasticSearch实战系列四: ElasticSearch理论知识介绍]
+[https://www.cnblogs.com/xuwujing/p/12385903.html ElasticSearch实战系列五: ElasticSearch的聚合查询基础使用教程之度量(Metric)聚合]
+[https://www.cnblogs.com/xuwujing/p/13412108.html ElasticSearch实战系列六: Logstash快速入门]
-Method 2: Flash Android 10 Factory Image using Fastboot
+[https://www.cnblogs.com/xuwujing/p/13520666.html ElasticSearch实战系列七: Logstash实战使用-图文讲解]
-Important Note: This method will wipe all the data stored on your phone, including the internal storage. So, make sure that you take a full backup first!
+[https://www.cnblogs.com/xuwujing/p/13532125.html ElasticSearch实战系列八: Filebeat快速入门和使用---图文详解]
-首先 手机备份相关信息
+[https://www.jianshu.com/p/4c1f2afa0b6c docker安装ELK后kibana的汉化]
-=参考 =
-Recovery  TWRP 相关知识补充
+[https://www.cnblogs.com/xiaoqi/p/elk-part1.html ELK日志套件安装与使用]
-[https://www.moonlol.com/twrp-recovery%E5%8D%A1%E5%88%B7rom-5967.html  手機或平板TWRP卡刷ROM教學 ]
+[https://blog.csdn.net/BuquTianya/article/details/71941351 日志系统ELK使用详解(一)--如何使用]
-[https://www.kocpc.com.tw/archives/233419 TWRP备份还原]
-[https://news.mydrivers.com/1/542/542943.htm 安卓Recovery你知多少？不懂别说是刷机高手]
+[http://www.ttlsa.com/elk/howto-install-elasticsearch-logstash-and-kibana-elk-stack/ ELK 部署指南ttlsa]
-[https://www.cnblogs.com/godfeer/p/12029476.html  【TWRP】使用adb sideload线刷ROM的方法 ]
+[https://blog.csdn.net/enweitech/article/details/81744250 ELK+kafka+Winlogbeat/FileBeat搭建统一日志收集分析管理系统]
-[https://www.cnblogs.com/yanglang/p/10227069.html 使用电脑adb给Essential Phone刷机 —(官方篇)]
+日志分析 第一章 ELK介绍
+http://www.cnblogs.com/xiaoming279/p/6100613.html
-[https://www.xda-developers.com/how-to-root-essential-phone-ph-1/ How to Root the Essential Phone (PH-1) using Magisk]
+日志分析 第二章 统一访问日志格式
+http://www.cnblogs.com/xiaoming279/p/6101628.html
-https://www.essential.com/developer/current-builds
+日志分析 第三章 安装前准备及系统初始化
+http://www.cnblogs.com/xiaoming279/p/6101951.html
-[http://wiki.linuxchina.net/index.php?title=Nexus5%E5%88%B7%E6%9C%BA Nexus5刷机]
-[http://www.droidviews.com/unlock-bootloader-install-twrp-root-essential-ph-1/ Unlock Bootloader, Install TWRP and Root Essential PH-1]
+这里开始还没看
+日志分析 第四章 安装filebeat
+http://www.cnblogs.com/xiaoming279/p/6112715.html
-[https://zhuanlan.zhihu.com/p/55950119 关于Essential Phone 获取root]
+[https://zhuanlan.zhihu.com/p/152217444 ELK 日志收集简易教程有配置和一点点使用]
-[https://zhuanlan.zhihu.com/p/58507641 关于Essential Phone 获取Root权限及Magisk的安装教程（2019/6/14）]
-[[category:Desktop]]
+[[category:ops]]