yum镜像原站

#cat /etc/yum.repos.d/elk-elasticsearch.repo
[elastic-7.x]
name=Elastic repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

安装

sudo yum install filebeat
filebeat.yml模板
#cat /etc/filebeat/filebeat.yml
#----------------------------------------------------------------------------------------------------
filebeat.inputs:
#-----------------------------------
- type: log
enabled: true
json.keys_under_root: true
json.overwrite_keys: true
paths:
- /var/log/Nginx/courseapi/access.log
- /var/log/Nginx/worldapi/access.log
fields:
log_topics: product-Nginx-worldapi
#-----------------------------------
- type: log
enabled: true
json.keys_under_root: true
json.overwrite_keys: true
paths:
- /var/log/Nginx/world/access.log
fields:
log_topics: shequ-Nginx
#----------------------------------------------------------------------------------------------------
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
#----------------------------------------------------------------------------------------------------
setup.template.settings:
index.number_of_shards: 1
#----------------------------------------------------------------------------------------------------
setup.kibana:
#----------------------------------------------------------------------------------------------------
output.kafka:
hosts: ["47.100.178.250:9092"]
#topic: product-Nginx-worldapi
topic: '%{[fields][log_topics]}'
partition.round_robin:
reachable_only: false
required_acks: 1
compression: gzip
max_message_bytes: 1000000
#----------------------------------------------------------------------------------------------------
processors:
- add_host_Metadata: ~
- add_cloud_Metadata: ~