外観
こんな感じの構成を作ってみる。
ElasticSearchのインストール
http://www.elasticsearch.org/overview/elkdownloads/からtar.gzをダウンロードしてインストールする。
$ wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-0.90.7.zip
$ unzip elasticsearch-0.90.7.zip
$ sudo mv elasticsearch-0.90.7 /usr/share
$ sudo ln -s /usr/share/elasticsearch-0.90.7/bin/elasticsearch /usr/bin/elasticsearch
$ sudo vim /etc/init.d/elasticsearch
#! /bin/sh
### BEGIN INIT INFO
# Provides: elasticsearch
# Required-Start: $all
# Required-Stop: $all
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts elasticsearch
# Description: Starts elasticsearch using start-stop-daemon
### END INIT INFO
ES_HOME=/usr/share/elasticsearch-0.90.7
ES_MIN_MEM=256m
ES_MAX_MEM=2g
DAEMON=$ES_HOME/bin/elasticsearch
NAME=elasticsearch
DESC=elasticsearch
PID_FILE=/var/run/$NAME.pid
LOG_DIR=/var/log/$NAME
DATA_DIR=/var/lib/$NAME
WORK_DIR=/tmp/$NAME
CONFIG_FILE=$ES_HOME/config/elasticsearch.yml
DAEMON_OPTS="-p $PID_FILE -Des.config=$CONFIG_FILE -Des.path.home=$ES_HOME -Des.path.logs=$LOG_DIR -Des.path.data=$DATA_DIR -Des.path.work=$WORK_DIR"
test -x $DAEMON || exit 0
set -e
case "$1" in
start)
echo -n "Starting $DESC: "
mkdir -p $LOG_DIR $DATA_DIR $WORK_DIR
if start-stop-daemon --start --pidfile $PID_FILE --startas $DAEMON -- $DAEMON_OPTS
then
echo "started."
else
echo "failed."
fi
;;
stop)
echo -n "Stopping $DESC: "
if start-stop-daemon --stop --pidfile $PID_FILE
then
echo "stopped."
else
echo "failed."
fi
;;
restart|force-reload)
${0} stop
sleep 0.5
${0} start
;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0
$ sudo chmod +x /etc/init.d/elasticsearch
$ sudo update-rc.d elasticsearch defaults
$ sudo /etc/init.d/elasticsearch start
Starting elasticsearch: started.
動作チェック
$ unset http_proxy
$ curl -X GET http://localhost:9200
{
"ok" : true,
"status" : 200,
"name" : "Wolfsbane",
"version" : {
"number" : "0.90.7",
"build_hash" : "36897d07dadcb70886db7f149e645ed3d44eb5f2",
"build_timestamp" : "2013-11-13T12:06:54Z",
"build_snapshot" : false,
"lucene_version" : "4.5.1"
},
"tagline" : "You Know, for Search"
}%
#Input Date
$ curl -X PUT http://localhost:9200/foo/bar/1 -d '
>{
> "user" : "test",
> "email" : "test@gmail.com",
> "body" : "mastle body"
>}'
{"ok":true,"_index":"foo","_type":"bar","_id":"1","_version":1}%
#Search Data
$ curl -X GET http://localhost:9200/foo/bar/_search -d '
> {
> "query":
> {
> "match" : {"user" : "test"}
> }
> }'
{"took":52,"timed_out":false,"_shards":{"total":5,"successful":5,"failed":0},"hits":{"total":1,"max_score":0.30685282,"hits":[{"_index":"foo","_type":"bar","_id":"1","_score":0.30685282, "_source" :
{
"user" : "test",
"email" : "test@gmail.com",
"body" : "mastle body"
}}]}}%
Kibanaのインストール
$ git clone --branch=kibana-ruby https://github.com/rashidkpc/Kibana.git
$ sudo mv Kibana /usr/share
$ cd /usr/share/Kibana
$ bundle install
$ bundle exec ruby kibana.rb&
動作チェック
ブラウザで以下のURLにアクセスする。
http://localhost:5601/
Nginxのインストール
$ sudo apt-get install nginx
$ sudo cp /etc/nginx/sites-available/{default,kibana}
$ sudo adduser nginx
$ sudo su - nginx
nginx@ubuntu:~$ mkdir html
nginx@ubuntu:~$ mkdir logs
nginx@ubuntu:~$ cd logs/
nginx@ubuntu:~/logs$ ls
nginx@ubuntu:~/logs$ cd ~
nginx@ubuntu:~$ ls
examples.desktop html logs
nginx@ubuntu:~$ exit
logout
$ sudo vim /etc/nginx/sites-available/kibana
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
root /home/nginx/html;
access_log /home/nginx/logs/access.log;
error_log /home/nginx/logs/error.log;
index index.html index.htm;
server_name localhost;
location / {
proxy_pass http://localhost:5601;
}
location /public {
try_files $uri $uri/ /index.html;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
}$ sudo rm /etc/nginx/sites-enabled/default
$ sudo ln -s /etc/nginx/sites-available/kibana /etc/nginx/sites-enabled/kibana$ sudo /etc/init.d/nginx restart
Restarting nginx: nginx.
$ sudo su - nginx
nginx@ubuntu:~$ ls
examples.desktop html logs
nginx@ubuntu:~$ cd html/
nginx@ubuntu:~/html$ ls
nginx@ubuntu:~/html$ mkdir public
nginx@ubuntu:~/html$ cd public/
nginx@ubuntu:~/html/public$ ls
nginx@ubuntu:~/html/public$ vim index.html
nginx@ubuntu:~/html/public$ cat index.html
<html><head></head><body><h1>Hello World!</h1></body></html>
動作確認
ブラウザでhttp://localhost/public/index.htmlにアクセスする。
Fluentdのインストール
$ sudo apt-add-repository 'deb http://packages.treasure-data.com/debian/ lucid contrib'
$ sudo apt-get update
$ sudo apt-get install td-agent
$ sudo /usr/lib/fluent/ruby/bin/fluent-gem install fluent-plugin-elasticsearch
$ sudo vim /etc/td-agent/td-agent.conf
$ sudo cat /etc/td-agent/td-agent.conf
<source>
type tail
path /home/nginx/logs/access.log
format nginx
time_format %d/%b/%Y:%H/%M:%S %z
tag nginx.access
pos_file /var/log/td-agent/nginx.pos
</source>
<match nginx.access>
index_name adminpack
type elasticsearch
include_tag_key true
tag_key @log_name
host 127.0.0.1
port 9200
logstash_format true
flush_interval 10s
</match>
$ sudo /etc/init.d/td-agent restart
全体の動作チェック
- ブラウザでhttp://localhost/public/index.htmlにアクセスする。
- ブラウザでhttp://localhost/にアクセスしてKibanaの画面を見る。
- nginx.accessで検索する。
