Filebeat apache log

来自linux中国网wiki
跳到导航 跳到搜索 


curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.12.0-amd64.deb
sudo dpkg -i filebeat-7.12.0-amd64.deb

Modify /etc/filebeat/filebeat.yml to set the connection information:

output.elasticsearch:
  hosts: ["<es_url>"]
  username: "elastic"
  password: "<password>"
setup.kibana:
  host: "<kibana_url>"

Where <password> is the password of the elastic user, <es_url> is the URL of Elasticsearch, and <kibana_url> is the URL of Kibana.


Enable and configure the apache module

 sudo filebeat modules enable apache

Modify the settings in the /etc/filebeat/modules.d/apache.yml file.

- module: apache
  # Access logs
  access:
    enabled: true

  var.paths: ["/var/log/apache2/access.log"]


Start Filebeat

The setup command loads the Kibana dashboards. If the dashboards are already set up, omit this command.

sudo filebeat setup
sudo service filebeat start

Data successfully received from this module
取自“http://wiki.linuxchina.net/index.php?title=Filebeat_apache_log&oldid=6223