{"id":18258,"date":"2025-07-04T23:44:06","date_gmt":"2025-07-04T15:44:06","guid":{"rendered":"https:\/\/92it.top\/?p=18258"},"modified":"2025-07-04T23:44:06","modified_gmt":"2025-07-04T15:44:06","slug":"%e4%bd%bf%e7%94%a8-filebeat-%e9%87%87%e9%9b%86-nginx-%e6%97%a5%e5%bf%97%e5%8f%91%e9%80%81-elasticsearch","status":"publish","type":"post","link":"https:\/\/92it.top\/?p=18258","title":{"rendered":"\u4f7f\u7528 Filebeat \u91c7\u96c6 Nginx \u65e5\u5fd7\u53d1\u9001 ElasticSearch"},"content":{"rendered":"\n<p><strong>EFK\u67b6\u6784\u4ecb\u7ecd<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>EFK\u4e09\u4e2a\u5f00\u6e90\u8f6f\u4ef6\u7ec4\u6210\uff0c\u5206\u522b\u662fElasticsearch\u3001FileBeat\u548cKibana\u3002\u8fd9\u4e09\u4e2a\u8f6f\u4ef6\u5404\u81ea\u5728\u65e5\u5fd7\u7ba1\u7406\u548c\u6570\u636e\u5206\u6790\u9886\u57df\u53d1\u6325\u7740\u91cd\u8981\u4f5c\u7528\uff0c\u5b83\u4eec\u4e4b\u95f4\u4e92\u76f8\u914d\u5408\u4f7f\u7528\uff0c\u5b8c\u7f8e\u8854\u63a5\uff0c\u9ad8\u6548\u5730\u6ee1\u8db3\u4e86\u591a\u79cd\u573a\u5408\u7684\u5e94\u7528\u9700\u6c42\uff0c\u662f\u76ee\u524d\u4e3b\u6d41\u7684\u4e00\u79cd\u65e5\u5fd7\u5206\u6790\u7cfb\u7edf\u89e3\u51b3\u65b9\u6848\u3002<\/p>\n\n\n\n<ul>\n<li>Elasticsearch\uff1a\u8d1f\u8d23\u65e5\u5fd7\u7684\u4fdd\u5b58\u548c\u641c\u7d22\u3002\u5b83\u662f\u4e00\u4e2a\u5206\u5e03\u5f0f\u3001\u9ad8\u6269\u5c55\u3001\u9ad8\u5b9e\u65f6\u7684\u641c\u7d22\u4e0e\u6570\u636e\u5206\u6790\u5f15\u64ce\uff0c\u57fa\u4e8eLucene\u5f00\u53d1\uff0c\u901a\u8fc7RESTful web\u63a5\u53e3\u63d0\u4f9b\u5168\u6587\u641c\u7d22\u548c\u5206\u6790\u529f\u80fd\u3002Elasticsearch\u80fd\u591f\u9ad8\u6548\u5730\u5b58\u50a8\u548c\u7d22\u5f15\u5404\u79cd\u7c7b\u578b\u7684\u6570\u636e\uff0c\u5e76\u652f\u6301\u5feb\u901f\u641c\u7d22\u548c\u5b9e\u65f6\u5206\u6790\u3002<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<ul>\n<li>FileBeat\uff1a\u8d1f\u8d23\u65e5\u5fd7\u7684\u6536\u96c6\u3002\u5b83\u7531Elastic\u516c\u53f8\u5f00\u53d1\uff0c\u4e13\u4e3a\u65e5\u5fd7\u6536\u96c6\u800c\u8bbe\u8ba1\uff0c\u5177\u6709\u8d44\u6e90\u5360\u7528\u4f4e\u3001\u6613\u4e8e\u90e8\u7f72\u7684\u7279\u70b9\u3002FileBeat\u76f4\u63a5\u4ece\u670d\u52a1\u5668\u4e0a\u7684\u65e5\u5fd7\u6587\u4ef6\u8bfb\u53d6\u6570\u636e\uff0c\u8fdb\u884c\u521d\u6b65\u7684\u5f52\u96c6\u548c\u7b80\u5355\u5904\u7406\uff0c\u7136\u540e\u5c06\u5176\u8f6c\u53d1\u5230Elasticsearch\u6216\u5176\u4ed6\u4e2d\u95f4\u4ef6\u3002ilebeat \u662f\u4f7f\u7528 Golang \u5b9e\u73b0\u7684\u8f7b\u91cf\u578b\u65e5\u5fd7\u91c7\u96c6\u5668\uff0c\u4e5f\u662fElasticsearch stack \u91cc\u9762\u7684\u4e00\u5458\u3002\u672c\u8d28\u4e0a\u662f\u4e00\u4e2a agent \uff0c\u53ef\u4ee5\u5b89\u88c5\u5728\u5404\u4e2a\u8282\u70b9\u4e0a\uff0c\u6839\u636e\u914d\u7f6e\u8bfb\u53d6\u5bf9\u5e94\u4f4d\u7f6e\u7684\u65e5\u5fd7\uff0c\u5e76\u4e0a\u62a5\u5230\u76f8\u5e94\u7684\u5730\u65b9\u53bb\u3002Filebeat \u5e76\u4e0d\u4f9d\u8d56\u4e8e ElasticSearch\uff0c\u53ef\u4ee5\u5355\u72ec\u5b58\u5728\u3002\u6211\u4eec\u53ef\u4ee5\u5355\u72ec\u4f7f\u7528Filebeat\u8fdb\u884c\u65e5\u5fd7\u7684\u4e0a\u62a5\u548c\u641c\u96c6\u3002filebeat \u5185\u7f6e\u4e86\u5e38\u7528\u7684 Output \u7ec4\u4ef6, \u4f8b\u5982 kafka\u3001ElasticSearch\u3001redis \u7b49\uff0c\u51fa\u4e8e\u8c03\u8bd5\u8003\u8651\uff0c\u4e5f\u53ef\u4ee5\u8f93\u51fa\u5230 console \u548c file\u3002<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<ul>\n<li>Kibana\uff1a\u8d1f\u8d23\u65e5\u5fd7\u6570\u636e\u7684\u754c\u9762\u5c55\u793a\u3002\u5b83\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6570\u636e\u5206\u6790\u548c\u53ef\u89c6\u5316\u5e73\u53f0\uff0c\u63d0\u4f9b\u4e30\u5bcc\u7684\u6570\u636e\u53ef\u89c6\u5316\u9009\u9879\uff0c\u5982\u67f1\u72b6\u56fe\u3001\u7ebf\u56fe\u3001\u997c\u56fe\u7b49\uff0c\u5e2e\u52a9\u7528\u6237\u4ee5\u56fe\u5f62\u5316\u7684\u65b9\u5f0f\u7406\u89e3\u6570\u636e\u3002\u6b64\u5916\uff0c\u5b83\u8fd8\u652f\u6301\u5f3a\u5927\u7684\u6570\u636e\u63a2\u7d22\u529f\u80fd\uff0c\u7528\u6237\u53ef\u4ee5\u4f7f\u7528Elasticsearch\u7684\u67e5\u8be2\u8bed\u8a00\u8fdb\u884c\u6570\u636e\u67e5\u8be2\u548c\u7b5b\u9009\u3002<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"586\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-1024x586.png\" alt=\"\" class=\"wp-image-18259\" style=\"width:478px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-1024x586.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-300x172.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-768x440.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-1536x880.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-830x475.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-230x132.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-350x200.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16-480x275.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-16.png 1694w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<p>\u3000<\/p>\n\n\n\n<p><strong>Filebeat\u5b89\u88c5<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\u5728Kibana\u4e0a\u53ef\u4ee5\u770b\u5230Filebeat\u6709Macos\uff0cDEB\uff0cRPM\uff0cWindows\u7248\u672c\u3002<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"663\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-1024x663.png\" alt=\"\" class=\"wp-image-18265\" style=\"width:644px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-1024x663.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-300x194.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-768x497.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-1536x994.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-2048x1326.png 2048w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-830x537.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-230x149.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-350x227.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-20-480x311.png 480w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<p>\u3000<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"622\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-1024x622.png\" alt=\"\" class=\"wp-image-18263\" style=\"width:654px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-1024x622.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-300x182.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-768x467.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-1536x933.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-2048x1244.png 2048w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-830x504.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-230x140.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-350x213.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-18-480x292.png 480w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<p>\u3000<\/p>\n\n\n\n<p>\u56e0\u4e3a\u6211\u4eec\u662flinux centos\uff0c\u6240\u4ee5\u9009\u62e9RPM\u5b89\u88c5\u3002<\/p>\n\n\n\n<ul>\n<li>\u4e0b\u8f7d\u5e76\u5b89\u88c5 Filebeat<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">curl -L -O https:\/\/artifacts.elastic.co\/downloads\/beats\/filebeat\/filebeat-7.14.1-x86_64.rpm\nsudo rpm -vi filebeat-7.14.1-x86_64.rpm<\/pre>\n\n\n\n<ul>\n<li>\u7f16\u8f91\u914d\u7f6e<\/li>\n<\/ul>\n\n\n\n<p>\u4fee\u6539 <code>\/etc\/filebeat\/filebeat.yml<\/code> \u4ee5\u8bbe\u7f6e\u8fde\u63a5\u4fe1\u606f\uff1a<\/p>\n\n\n\n<p>\u5176\u4e2d\uff0c<code>&lt;password><\/code> \u662f <code>elastic<\/code> \u7528\u6237\u7684\u5bc6\u7801\uff0c<code>&lt;es_url><\/code> \u662f Elasticsearch \u7684 URL\uff0c<code>&lt;kibana_url><\/code> \u662f Kibana \u7684 URL\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">###################### Filebeat Configuration Example #########################\n# ============================== Filebeat inputs ===============================\n\nfilebeat.inputs:\n\n- type: log\n\n  enabled: true\n\n  paths:\n    - \/mnt\/nginx\/logs\/*.log\n \n  #\u8fd9\u91cc\u589e\u52a0\u4e00\u4e2a\u81ea\u5b9a\u4e49\u7684\u5b57\u6bb5event.dataset: nginx.access\uff0c\u76ee\u7684\u662f\u8ba9filebeat\u628a\u8fd9\u4e2alog\u5206\u7c7b\u6210nginx.access\n  fields:\n    event.dataset: nginx.access\n  fields_under_root: true  \n\n# ============================== Filebeat modules ==============================\n\nfilebeat.config.modules:\n  # Glob pattern for configuration loading\n  path: ${path.config}\/modules.d\/*.yml\n\n  # Set to true to enable config reloading\n  reload.enabled: false\n\n  # Period on which files under path should be checked for changes\n  #reload.period: 10s\n\n# ======================= Elasticsearch template setting =======================\n\nsetup.template.settings:\n  index.number_of_shards: 1\n  #index.codec: best_compression\n  #_source.enabled: false\n\n# =================================== Kibana ===================================\n\n# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.\n# This requires a Kibana endpoint configuration.\nsetup.kibana:\n\n  # Kibana Host\n  # Scheme and port can be left out and will be set to the default (http and 5601)\n  # In case you specify and additional path, the scheme is required: http:\/\/localhost:5601\/path\n  # IPv6 addresses should always be defined as: https:\/\/[2001:db8::1]:5601\n  host: \"123.56.xxx.xxx:5601\" ==\u300b\u8fd9\u91cc\u66ff\u6362\u6210kibana\u7684IP\n\n# ================================== Outputs ===================================\n\n# Configure what output to use when sending the data collected by the beat.\n\n# ---------------------------- Elasticsearch Output ----------------------------\noutput.elasticsearch:\n  # Array of hosts to connect to.\n  hosts: [\"123.56.xxx.xxx:9200\"] ==\u300b\u8fd9\u91cc\u66ff\u6362\u6210elasticsearch\u7684IP\n\n  # Protocol - either `http` (default) or `https`.\n  #protocol: \"https\"\n\n  # Authentication credentials - either API key or username\/password.\n  #api_key: \"id:api_key\"\n  username: \"xxxxxx\" ==\u300b\u8fd9\u91cc\u66ff\u6362\u6210elasticsearch\u7684\u5b9e\u9645\u5bc6\u7801\n  password: \"xxxxxx\"  ==\u300b\u8fd9\u91cc\u66ff\u6362\u6210elasticsearch\u7684\u5b9e\u9645\u5bc6\u7801\n\n# ================================= Processors =================================\nprocessors:\n  - add_host_metadata:\n      when.not.contains.tags: forwarded\n  - add_cloud_metadata: ~\n  - add_docker_metadata: ~\n  - add_kubernetes_metadata: ~\n\n<\/pre>\n\n\n\n<ul>\n<li>\u542f\u7528\u548c\u914d\u7f6e nginx \u6a21\u5757<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo filebeat modules enable nginx<\/pre>\n\n\n\n<p>\u6267\u884c\u5b8c\u4e0a\u9762\u7684\u547d\u4ee4\u4ee5\u540e\uff0c\u4f1a\u53d1\u73b0 \/etc\/filebeat\/modules.d\u76ee\u5f55\u4e0b\u7684nginx.yml\u6587\u4ef6\u7684disable\u6d88\u5931\u4e86\u3002<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"934\" height=\"1018\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21.png\" alt=\"\" class=\"wp-image-18267\" style=\"width:308px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21.png 934w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21-275x300.png 275w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21-768x837.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21-830x905.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21-230x251.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21-350x381.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-21-480x523.png 480w\" sizes=\"(max-width: 934px) 100vw, 934px\" \/><\/figure><\/div>\n\n\n<p> <\/p>\n\n\n\n<p>\u5728 <code>\/etc\/filebeat\/modules.d\/nginx.yml<\/code> \u6587\u4ef6\u4e2d\u4fee\u6539\u8bbe\u7f6e\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Module: nginx\n# Docs: https:\/\/www.elastic.co\/guide\/en\/beats\/filebeat\/7.x\/filebeat-module-nginx.html\n\n- module: nginx\n  # Access logs\n  access:\n    enabled: true\n\n    # Set custom paths for the log files. If left empty,\n    # Filebeat will choose the paths depending on your OS.\n    #var.paths:\n    var.paths: [\"\/mnt\/nginx\/logs\/access.log\"]  # Nginx \u8bbf\u95ee\u65e5\u5fd7\u8def\u5f84\n\n  # Error logs\n  error:\n    enabled: true\n    var.paths: [\"\/mnt\/nginx\/logs\/error.log\"]  # Nginx \u8bbf\u95ee\u65e5\u5fd7\u8def\u5f84\n\n    # Set custom paths for the log files. If left empty,\n    # Filebeat will choose the paths depending on your OS.\n    #var.paths:\n\n  # Ingress-nginx controller logs. This is disabled by default. It could be used in Kubernetes environments to parse ingress-nginx logs\n  ingress_controller:\n    enabled: false\n\n    # Set custom paths for the log files. If left empty,\n    # Filebeat will choose the paths depending on your OS.\n    #var.paths:<\/pre>\n\n\n\n<ul>\n<li>ngnix \u8bbe\u5b9alog \u683c\u5f0f<\/li>\n<\/ul>\n\n\n\n<p>\u4fee\u6539 \/mnt\/nginx\/conf.d\/default.conf<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">    server {\n        listen 8081 ssl;\n        server_name 92it.top www.92it.top;  # \u540c\u65f6\u652f\u6301\u4e24\u79cd\u57df\u540d\u8bbf\u95ee\n\n        # \u5141\u8bb8\u6700\u5927\u4e0a\u4f20\u6587\u4ef6\u5927\u5c0f\u4e3a 100MB\n        client_max_body_size 100M;\n        client_body_buffer_size 256k;\n\n        # \u4ee3\u7406\u8d85\u65f6\u914d\u7f6e\n        proxy_connect_timeout 120s;  # \u8fde\u63a5\u540e\u7aef\u670d\u52a1\u5668\u7684\u8d85\u65f6\u65f6\u95f4\n        proxy_send_timeout 300s;     # \u5411\u540e\u7aef\u670d\u52a1\u5668\u53d1\u9001\u8bf7\u6c42\u7684\u8d85\u65f6\u65f6\u95f4\n        proxy_read_timeout 600s;     # \u4ece\u540e\u7aef\u670d\u52a1\u5668\u8bfb\u53d6\u54cd\u5e94\u7684\u8d85\u65f6\u65f6\u95f4\uff08\u5173\u952e\u53c2\u6570\uff09\n\n        # SSL \u8bc1\u4e66\u914d\u7f6e\n        ssl_certificate \/etc\/nginx\/certs\/ssl-cert.pem;\n        ssl_certificate_key \/etc\/nginx\/certs\/ssl-cert.key;\n\n        # \u8f6c\u53d1\u6240\u6709\u8bf7\u6c42\u5230\u76ee\u6807\u4e3b\u673a\n        location \/ {\n            proxy_pass http:\/\/123.56.xxx.xxx:30080;\n            proxy_set_header Host $host;\n            proxy_set_header X-Real-IP $remote_addr;\n            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n            proxy_set_header X-Forwarded-Proto $scheme;\n\n            # \u53ef\u9009\uff1a\u4fdd\u7559\u6240\u6709\u8bf7\u6c42\u5934\u90e8\uff08\u5305\u62ec\u975e\u6807\u51c6\u5b57\u6bb5\uff09\n            proxy_pass_request_headers on;\n        }\n    }\n<\/pre>\n\n\n\n<ul>\n<li>\u542f\u52a8 Filebeat<\/li>\n<\/ul>\n\n\n\n<p><code>setup<\/code> \u547d\u4ee4\u52a0\u8f7d Kibana \u4eea\u8868\u677f\u3002\u5982\u679c\u4eea\u8868\u677f\u5df2\u8bbe\u7f6e\uff0c\u8bf7\u7701\u7565\u6b64\u547d\u4ee4\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo filebeat setup\nsudo service filebeat start<\/pre>\n\n\n\n<ul>\n<li>\u4e00\u4e9b\u5e38\u7528\u547d\u4ee4<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u505c\u6b62filebeat\nsudo service filebeat stop\n\n# \u542f\u52a8filebeat\nsudo service filebeat start\n\n# \u67e5\u770bfilebeat\u72b6\u51b5\nsudo service filebeat status <\/pre>\n\n\n\n<ul>\n<li>\u67e5\u770bmodules\u542f\u52a8\u72b6\u51b5<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">filebeat modules list<\/pre>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"656\" height=\"486\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-22.png\" alt=\"\" class=\"wp-image-18268\" style=\"width:324px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-22.png 656w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-22-300x222.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-22-230x170.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-22-350x259.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-22-480x356.png 480w\" sizes=\"(max-width: 656px) 100vw, 656px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u67e5\u770b\u65e5\u5fd7\u63a5\u53d7\u72b6\u51b5\uff08\u67e5\u8be2ElasticSearch\u7684\u7d22\u5f15\uff09<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">curl -X GET \"http:\/\/123.56.xxx.xxx:9200\/_cat\/indices?v\" -u \"elastic\u7528\u6237\u540d:elastic\u5bc6\u7801\"\n<\/pre>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u67e5\u8be2\u7ed3\u679c\uff0c\u53ef\u4ee5\u770b\u5230 filebeat-7.14.1-2025.07.02-000001 \u6709count\u548csize\u4e86\uff0c\u5c31\u662f\u63a8\u9001\u7684\u5927\u5c0f\u3002\nhealth status index                                     uuid                   pri rep docs.count docs.deleted store.size pri.store.size\ngreen  open   .kibana_task_manager_7.14.1_001           MqVI48GLS32sT6K--dacyQ   1   0         15        41775      6.8mb          6.8mb\ngreen  open   .transform-internal-007                   tmPy01jfQiq67WMqkzFIrw   1   0          3            0     25.8kb         25.8kb\ngreen  open   .apm-agent-configuration                  xa-jMXyKTkmQ3t-KjqTahQ   1   0          0            0       208b           208b\nyellow open   filebeat-7.14.1-2025.07.02-000001         FZSLXLM5RYalW8wsLq5Nnw   1   1       1100            0    621.2kb        621.2kb\ngreen  open   .kibana_7.14.1_001                        F98UL77vSea0mFvJ5XPikA   1   0       7092           31      8.5mb          8.5mb\ngreen  open   .tasks                                    mSIuWhWeRK-wesFeQDwqYw   1   0         14            0     71.2kb         71.2kb\ngreen  open   metrics-endpoint.metadata_current_default m9Jm8nFgSfGlCGtazOfYCw   1   0          0            0       208b           208b\ngreen  open   .geoip_databases                          jPn-7jWHT4qft9WYg0rFhA   1   0         40           35       38mb           38mb\ngreen  open   .security-7                               _eK2IBYnTAGjlIN61kc4aQ   1   0         55            0      304kb          304kb\ngreen  open   .apm-custom-link                          5Sv50RrFRoKKqvpetIg8bQ   1   0          0            0       208b           208b\ngreen  open   kibana_sample_data_ecommerce              mHI93EdLTGigIF8RfdvVOg   1   0       4675            0      3.6mb          3.6mb\ngreen  open   .async-search                             vBMXYUsSRvO4saUbIJay-Q   1   0        180           19    676.7kb        676.7kb\ngreen  open   .fleet-policies-7                         HiD5YQerSIipdHgiktIhxg   1   0          5            0     31.8kb         31.8kb\ngreen  open   .kibana-event-log-7.14.1-000001           aOqC-lFVQdGvGS_9xHSYBQ   1   0          8            0     43.4kb         43.4kb<\/pre>\n\n\n\n<p>\u3000\u3000<\/p>\n\n\n\n<p><strong>\u5728 Kibana dashboard\u67e5\u770bngnix log<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<ul>\n<li>\u5982\u679c<code>filebeat<\/code>\u6ca1\u95ee\u9898\u7684\u8bdd\uff0c\u53ef\u4ee5\u5728Kibana dashboard\u770b\u5230\u91c7\u96c6\u5230\u7684ngnix log\u3002<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"477\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-1024x477.png\" alt=\"\" class=\"wp-image-18271\" style=\"width:686px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-1024x477.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-300x140.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-768x358.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-1536x716.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-2048x955.png 2048w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-830x387.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-230x107.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-350x163.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-23-480x224.png 480w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u521b\u5efa\u53ef\u89c6\u5316<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"616\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-1024x616.png\" alt=\"\" class=\"wp-image-18275\" style=\"width:622px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-1024x616.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-300x181.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-768x462.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-1536x924.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-830x499.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-230x138.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-350x211.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25-480x289.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-25.png 1562w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u8fdb\u53bb\u4e4b\u540e \u2014\u300b \u70b9\u51fb \u65b0\u5efa\u53ef\u89c6\u5316 \u2014\u300b\u70b9\u51fb Lens<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"545\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-1024x545.png\" alt=\"\" class=\"wp-image-18276\" style=\"width:602px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-1024x545.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-300x160.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-768x409.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-830x442.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-230x122.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-350x186.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26-480x256.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-26.png 1424w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u51c6\u5907\u521b\u5efa\u6761\u5f62\u56fe<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"369\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-1024x369.png\" alt=\"\" class=\"wp-image-18277\" style=\"width:604px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-1024x369.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-300x108.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-768x277.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-1536x554.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-830x299.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-230x83.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-350x126.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27-480x173.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-27.png 1552w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u70b9\u51fb \u6c34\u5e73\u8f74 \u914d\u7f6e\u5982\u4e0b<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"931\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-1024x931.png\" alt=\"\" class=\"wp-image-18278\" style=\"width:594px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-1024x931.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-300x273.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-768x698.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-830x755.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-230x209.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-350x318.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28-480x436.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-28.png 1320w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u70b9\u51fb \u5782\u76f4\u8f74<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"580\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-1024x580.png\" alt=\"\" class=\"wp-image-18279\" style=\"width:644px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-1024x580.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-300x170.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-768x435.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-1536x870.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-830x470.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-230x130.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-350x198.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29-480x272.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-29.png 1560w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<ul>\n<li>\u70b9\u51fb\u53f3\u4e0a\u89d2\u7684\u4fdd\u5b58\u5373\u53ef\u3002\u6700\u540e\u67e5\u770b\u4eea\u8868\uff0c\u70b9\u51fb kibana \u2014\u300b Dashboards<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"285\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-1024x285.png\" alt=\"\" class=\"wp-image-18280\" style=\"width:582px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-1024x285.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-300x83.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-768x214.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-1536x427.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-830x231.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-230x64.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-350x97.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30-480x134.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-30.png 1546w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"570\" src=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-1024x570.png\" alt=\"\" class=\"wp-image-18281\" style=\"width:592px;height:auto\" srcset=\"https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-1024x570.png 1024w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-300x167.png 300w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-768x427.png 768w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-1536x855.png 1536w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-830x462.png 830w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-230x128.png 230w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-350x195.png 350w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31-480x267.png 480w, https:\/\/92it.top\/wp-content\/uploads\/2025\/07\/image-31.png 1560w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>","protected":false},"excerpt":{"rendered":"<p>EFK\u67b6\u6784\u4ecb\u7ecd EFK\u4e09\u4e2a\u5f00\u6e90\u8f6f\u4ef6\u7ec4\u6210\uff0c\u5206\u522b\u662fElasticsearch\u3001FileBeat\u548cKibana\u3002\u8fd9\u4e09 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"_links":{"self":[{"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts\/18258"}],"collection":[{"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=18258"}],"version-history":[{"count":8,"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts\/18258\/revisions"}],"predecessor-version":[{"id":18282,"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts\/18258\/revisions\/18282"}],"wp:attachment":[{"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=18258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=18258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=18258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}