打造一个帅气的监控需要什么:
- Grafana 前端数据分析平台
- Elasticsearch 全文检索引擎
- Logstash 日志收集处理框架
- dashboard 监控面板出处
grafana & elk 安装包下载
wget https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-4.6.2.linux-x64.tar.gz
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.6.3.zip
wget https://artifacts.elastic.co/downloads/logstash/logstash-5.6.4.tar.gz
为nginx修改日志输出格式
log_format main '{"@timestamp":"$time_iso8601",'
'"@source":"$server_addr",'
'"hostname":"$hostname",'
'"ip":"$remote_addr",'
'"client":"$remote_addr",'
'"request_method":"$request_method",'
'"scheme":"$scheme",'
'"domain":"$server_name",'
'"referer":"$http_referer",'
'"request":"$request_uri",'
'"args":"$args",'
'"size":$body_bytes_sent,'
'"status": $status,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamaddr":"$upstream_addr",'
'"http_user_agent":"$http_user_agent",'
'"https":"$https"'
'}';
建立logstash配置文件
# nginxlog.conf
input {
file {
# 日志文件路径
path => [ "/var/log/nginx/access.log" ]
ignore_older => 0
codec => json
}
}
filter {
mutate {
convert => [ "status","integer" ]
convert => [ "size","integer" ]
convert => [ "upstreatime","float" ]
remove_field => "message"
}
geoip {
source => "ip"
}
}
output {
elasticsearch {
# elasticsearch地址
hosts => "127.0.0.1:9200"
# 索引名称
index => "nginxlog"
}
#stdout {codec => rubydebug}
}
解压后执行bin目录下的lostash, nohup ./logstash -f nginxlog.conf &
elasticsearch
这个不用怎么配,会出现一些关于内存什么的警告,内存够大不用管,默认监听127.0.0.1就可以,直接执行nohup ./elasticsearch &,正常执行完成后服务器的9600\9200\9300端口开放, elasticsearch日志结尾会有logstash里面配置的索引名称出现
grafana配置
conf/default.ini设置管理员账号密码,设置监听地址
http_addr = 0.0.0.0
admin_user = admin
admin_pass = pass
执行grafana, nohup ./grafana-server &
配置grafana数据源
进grafana面板,type选择elasticsearch,url填写http://127.0.0.1:9200, access选proxy,index-name写上之前配置文件里的索引名称,version选5.x
配置grafana面板
左边菜单dashboard有个import dashboard选项,dashboard复制这里面的id,填进去,点load,就选择之前添加的数据源,就OK了,可能会有写问题,需要自己调一下
一天不来访,浑身上下痒!
感觉很高端,拿来也不知做什么。
简单地说就是动态的显示网站访问热点图,统计访问人数,统计请求从哪里来,具体访问了哪个链接