我已将Metricbeat配置为捕获系统级指标,在Redhat linux中将Metricbeat集成为一项服务,我使用rpm软件包安装了metricbeat。 波纹管是我的metricbeat配置。
> #============================ Config Reloading ==============================
> metricbeat.config.modules:
>
> # Glob pattern for configuration reloading
> path: ${path.config}/conf.d/*.yml
>
> # Period on which files under path should be checked for changes
> reload.period: 10s
>
> # Set to true to enable config reloading
> reload.enabled: false
>
> # Maximum amount of time to randomly delay the start of a metricset. Use 0 to
> # disable startup delay.
> metricbeat.max_start_delay: 10s
>
> #------------------------------- System Module -------------------------------
> - module: system
> metricsets:
> - cpu # CPU usage
> - load # CPU load averages
> - memory # Memory usage
> - network # Network IO
> - process # Per process metrics
> - process_summary # Process summary
> - uptime # System Uptime
> #- core # Per CPU core usage
> #- diskio # Disk IO
> #- filesystem # File system usage for each mountpoint
> #- fsstat # File system summary metrics
> #- raid # Raid
> #- socket # Sockets and connection info (linux only)
> enabled: true
> period: 10s
> processes: ['.*']
>
> # Configure the metric types that are included by these metricsets.
> cpu.metrics: ["percentages"] # The other available options are normalized_percentages and ticks.
> core.metrics: ["percentages"] # The other available option is ticks.
>
>
> #----------------------------- Logstash output ---------------------------------
> output.logstash:
> # Boolean flag to enable or disable the output module.
> #enabled: true
>
> # The Logstash hosts
> hosts: ["localhost:5044"]
logstash也使用rpm软件包作为服务安装在Redhat linux中。
bellow是我的logstash配置,我正在尝试从
中读取输入beat.input {
beats {
port => 5044
}
}
output {
elasticsearch {
host => "localhost:9200"
index => "metricbeat_logs"
}
}
bellow是我的logstash和metricbeat的用户和组权限
cd / etc / logstash ls -lrt
-rw-------. 1 apelkdev apa 1696 Aug 18 02:29 startup.options
> -rw-r--r--. 1 apelkdev apa 285 Aug 18 02:29 pipelines.yml
> -rw-r--r--. 1 apelkdev apa 342 Aug 18 02:29 logstash-sample.conf
> -rw-r--r--. 1 apelkdev apa 4466 Aug 18 02:29 log4j2.properties
> -rw-r--r--. 1 apelkdev apa 1846 Aug 18 02:29 jvm.options
> -rwxr-xr-x. 1 apelkdev apa 8154 Feb 8 07:41 logstash.yml
> drwxrwxr-x. 2 apelkdev apa 4096 Feb 8 10:29 conf.d
cd / etc / metricbeat ls -lrt
-rw-r--r--. 1 apelkdev apa 57809 Aug 18 00:28 metricbeat.reference.yml
-rw-r--r--. 1 apelkdev apa 76697 Aug 18 00:28 fields.yml
-rw-r--r--. 1 apelkdev apa 0 Feb 7 06:24 metricbeat.
-rw-------. 1 apelkdev apa 7892 Feb 8 08:14 metricbeat.yml
我正在使用波纹管命令运行这两个服务
sudo服务metricbeat开始 sudo服务logstash启动
在这里,我真的没错,当我们检查metricbeat日志时,它已经捕获了当前时间戳的度量详细信息,不是很清楚logstash会发生什么以及为什么它没有读取metricbeat事件。
答案 0 :(得分:1)
您尚未启用代码中的logstash输出。
> output.logstash:
> # Boolean flag to enable or disable the output module.
> #enabled: true
在上面,请更改为
已启用:是