我按照下面这篇教程把所有组件都安装到了同一台机器上。这台机器运行的是 Windows Server 2008,我是从一台 Windows 7 计算机远程进行安装的。
https://www.ulyaoth.net/resources/tutorial-install-logstash-and-kibana-on-a-windows-server.34/
就我目前能确认的情况来看,还没有任何数据被发送到 elasticsearch。我不确定问题出在我的 nxlog / logstash 配置上,还是出在网络设置上。我已经打开了所有相关端口。有人可以帮我解决这个问题吗?如果需要更多信息,请告诉我。谢谢!
当我访问 localhost:9200 检查 elasticsearch 是否正在运行时,得到如下响应:
{
"status" : 200,
"name" : "Electro",
"cluster_name" : "elasticsearch",
"version" : {
"number" : "1.7.2",
"build_hash" : "e43676b1385b8125d647f593f7202acbd816e8ec",
"build_timestamp" : "2015-09-14T09:49:53Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}
下面是我的 nxlog.conf 和 logstash.conf 文件(先是 nxlog.conf,然后是 logstash.conf)。
# nxlog.conf: tail the IIS W3SVC1 access logs and forward each line to Logstash over TCP.
# ROOT must point at the actual nxlog install directory; the 64-bit path is left commented out.
#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
# nxlog's own diagnostics go here; check this file first for file-open or connection errors.
LogFile %ROOT%\data\nxlog.log
# xm_json is loaded, but nothing in this file calls to_json(), so events leave as raw IIS log lines.
<Extension json>
Module xm_json
</Extension>
<Input iis_ELKstack>
Module im_file
# NOTE(review): the path is double-quoted with single backslashes; confirm in nxlog.log that
# the files matching this pattern are actually being opened.
File "C:\inetpub\logs\LogFiles\W3SVC1\u_ex*.log"
# ReadFromLast True skips content that already existed when nxlog started (when no saved
# position is available), so only newly appended lines are forwarded; SavePos True persists
# the read position across restarts.
ReadFromLast True
SavePos True
# Drop the IIS header lines, which begin with '#'.
Exec if $raw_event =~ /^#/ drop();
</Input>
<Output out_logstash>
# NOTE(review): om_tcp sends events unencrypted and unauthenticated. IIS logs carry client
# IPs, requested URLs and query strings; if this traffic ever leaves the local host, consider
# nxlog's om_ssl module paired with TLS on the Logstash tcp input.
Module om_tcp
# Host must resolve, from this machine, to the server running the Logstash tcp input, and
# Port must match that input's port (5544 in the logstash.conf shown with this file).
Host loghost.elkstack.net
Port 5544
# One event per line on the wire.
OutputType LineBased
</Output>
# Wire the IIS file input to the Logstash TCP output.
<Route IIS>
Path iis_ELKstack => out_logstash
</Route>
# logstash.conf: accept events on TCP 5544 and index them into Elasticsearch over HTTP.
input {
tcp {
# Must match Port in nxlog's out_logstash output (5544).
# NOTE(review): no host and no SSL options are set here, so the listener is presumably
# reachable on every interface and accepts plaintext from any sender — confirm. Limit the
# port to the known log sources with the host firewall, or enable SSL on this input, so
# that arbitrary hosts cannot inject events.
port => 5544
}
}
# No filter block is defined, so events are indexed as received, without IIS field parsing.
output {
elasticsearch {
# host must resolve to the Elasticsearch node from the Logstash machine.
# NOTE(review): the Elasticsearch shown on this page is 1.7.2; the 1.x series has no built-in
# authentication on its HTTP port, so keep 9200 closed to untrusted networks rather than
# opening it alongside the other ports.
host => "loghost.elkstack.net"
protocol => "http"
}
}