elasticsearch:7.5.1
kibana:7.5.1
filebeat:7.5.1
cat filebeat.yml |grep -v "#" |grep -v "^$"
logging.level: info
logging.to_files: true
logging.files:
path: /var/log/filebeat
name: filebeat
keepfiles: 7
permissions: 0644
filebeat.config:
modules:
path: "/opt/filebeat/modules.d/*.yml"
reload.enabled: true
processors:
- add_cloud_metadata: ~
- add_docker_metadata:
host: "unix:///var/run/docker.sock"
filebeat.autodiscover:
providers:
- type: docker
hints.enabled: true
hints.default_config:
type: container
paths:
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/lib/docker/containers/*/*.log
json.keys_under_root: true
json.add_error_key: true
json.message_key: log
tail_files: true
- type: log
enabled: true
paths:
- /opt/nginx/logs/*.log
output.elasticsearch:
hosts: '192.168.15.78:9200'
username: 'elastic'
password: 'im888'
indices:
- index: "192.168.15.63_nginx-%{[beat.version]}-%{+yyyy.MM}"
when.contains:
stream: "nginx.host"
setup.kibana:
host: "192.168.15.78:5601"
setup.template.name: "docker"
setup.template.pattern: "docker_*"
setup.template.enabled: false
setup.template.overwrite: true
谢谢各位
