之前的博客一直在聊ELK集群中的存储、日志收集相关的组件的配置,但通常我们给用户使用不应该是一个黑黑的shell界面,通过接口去查询搜索;今天我们来聊ELK中的前端可视化组件kibana;kibana主要作用是用来展示、搜索、查看、分析、整合elasticsearch中存储的日志的一个web用户界面;使得让用户使用ELK更加直观;
kibana rpm包下载
1
2
3
4
5
6
7
8
9
10
11
|
[root@node06 ~] #wget https://artifacts.elastic.co/downloads/kibana/kibana-6.8.12-x86_64.rpm --2020-10-05 19:19:33-- https: //artifacts .elastic.co /downloads/kibana/kibana-6 .8.12-x86_64.rpm Resolving artifacts.elastic.co (artifacts.elastic.co)... 151.101.230.222, 2a04:4e42:36::734 Connecting to artifacts.elastic.co (artifacts.elastic.co)|151.101.230.222|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 193354778 (184M) [application /octet-stream ] Saving to: ‘kibana-6.8.12-x86_64.rpm’ 100%[==========================================================================>] 193,354,778 170MB /s in 1.1s 2020-10-05 19:19:35 (170 MB /s ) - ‘kibana-6.8.12-x86_64.rpm’ saved [193354778 /193354778 ] |
kibana安装
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
[root@node06 ~] # ll total 188824 -rw-r--r-- 1 root root 193354778 Aug 18 19:40 kibana-6.8.12-x86_64.rpm [root@node06 ~] # yum install ./kibana-6.8.12-x86_64.rpm Loaded plugins: fastestmirror Examining . /kibana-6 .8.12-x86_64.rpm: kibana-6.8.12-1.x86_64 Marking . /kibana-6 .8.12-x86_64.rpm to be installed Resolving Dependencies --> Running transaction check ---> Package kibana.x86_64 0:6.8.12-1 will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================== Package Arch Version Repository Size ========================================================================================================================== Installing: kibana x86_64 6.8.12-1 /kibana-6 .8.12-x86_64 427 M Transaction Summary ========================================================================================================================== Install 1 Package Total size: 427 M Installed size: 427 M Is this ok [y /d/N ]: y Downloading packages: Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : kibana-6.8.12-1.x86_64 1 /1 Verifying : kibana-6.8.12-1.x86_64 1 /1 Installed: kibana.x86_64 0:6.8.12-1 Complete! [root@node06 ~] # |
配置kibana连接es
提示:server.port用于指定kibana监听的端口,server.host用于指定kibana监听的地址,0.0.0.0表示监听本机所有可用地址;server.name是指定本机的主机名,elasticsearch.hosts用于指定es集群主机地址;配置好以上四项就可以直接启动kibana了;
启动kibana
用浏览器访问node06上的5601提供的web服务
好了,到此kibana就部署好了
添加index到kibana
提示:这里之所以看不到数据,是因为生成日志的时间不再15分钟内;
模拟访问httpd,然后看看kibana是否能够看到日志?
提示:可以看到node01访问node03的httpd的日志;
搜索响应码为404的日志
基于IP地址画区域地图
画条形图
画饼图
折线图
添加面板