更新时间:
#ELK 日志收集 简单笔记
#1. ELK 版本 7.17.22
采用https://github.com/deviantony/docker-elk 3合一版本。 支持auth 用docker-compose
各种样例 高端玩法 https://github.com/sherifabdlnaby/elastdocker Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.
#2. 配置logstash pipeline
[root@devtest-service pipeline]# cat logstash.conf
input {
# beats {
# port => 5044
# }
tcp {
port => 5044
codec => json_lines
}
}
#3. java 配置
这里没有用到 beats ,注意上边logstash优化
<appender name="LOGSTASH" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
<destination>${logstash-server-addr}</destination>
<!-- 日志输出编码 -->
<encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">