Filebeat apache log

来自linux中国网wiki
Evan讨论 | 贡献2021年4月29日 (四) 06:32的版本
(差异) ←上一版本 | 最后版本 (差异) | 下一版本→ (差异)
跳到导航 跳到搜索 


curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.12.0-amd64.deb
sudo dpkg -i filebeat-7.12.0-amd64.deb

Modify /etc/filebeat/filebeat.yml to set the connection information:

output.elasticsearch:
  hosts: ["<es_url>"]
  username: "elastic"
  password: "<password>"
setup.kibana:
  host: "<kibana_url>"

Where <password> is the password of the elastic user, <es_url> is the URL of Elasticsearch, and <kibana_url> is the URL of Kibana.


Enable and configure the apache module

 sudo filebeat modules enable apache

Modify the settings in the /etc/filebeat/modules.d/apache.yml file.

- module: apache
  # Access logs
  access:
    enabled: true

  var.paths: ["/var/log/apache2/access.log"]


Start Filebeat

The setup command loads the Kibana dashboards. If the dashboards are already set up, omit this command.

sudo filebeat setup
sudo service filebeat start

Data successfully received from this module
取自“http://wiki.linuxchina.net/index.php?title=Filebeat_apache_log&oldid=6223