####################
一 filebeat 收集 mysql
####################
1.启动方法:vi /etc/rc.local
/root/filebeat-5.5.1-linux-x86_64/filebeat -c
/root/filebeat-5.5.1-linux-x86_64/filebeat.yml &
2.filebeat.yml 内容:
filebeat.prospectors:
- input_type: log
paths:
-
/data/mysql/log/mysql_err.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["error"]
- input_type: log
paths:
-
/data/mysql/log/mysql_slow.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["slow"]
- input_type: log
paths:
-
/data/mysql/log/mysql_general.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["log"]
output.elasticsearch:
hosts:
["10.100.x.x:9200","10.100.x.x:9200"]
username: "user"
password: "pwd"
index: logstash-mysqllog-%{+YYYY.MM.dd}
logging.level: info
logging.to_files: true
logging.to_syslog: false
logging.files:
path: /var/log/filebeat
name: filebeat.log
keepfiles: 7
rotateeverybytes: 10485760
################################
二 winlogbeat 收集 window 应用 sql server
################################
1.安装方法
powershell.exe -ExecutionPolicy UnRestricted -File
.\install-service-winlogbeat.ps1
2.winlogbeat.yml 内容如下:
winlogbeat.event_logs:
- name: Application
ignore_older: 72h
tags: ["sql2016","witness"]
output.elasticsearch:
hosts:
["10.100.x.x:9200","10.100.x.x:9200"]
username: "user"
password: "pwd"
index: logstash-sqlwitnesslog-%{+YYYY.MM.dd}
#######################
三 filebeat 收集 oracle
#######################
filebeat.prospectors:
- input_type: log
paths:
-
/u01/oracle/diag/rdbms/oemsdb/oemsdb1/trace/alert_oemsdb1.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["rac1-alert"]
- input_type: log
paths:
-
/u01/11.2.0/gbase/diag/tnslsnr/vmlin7370/listener/trace/listener.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["rac1-listener"]
- input_type: log
paths:
-
/u01/oracle/admin/oemsdb/adump/*
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["rac1-adump"]
output.elasticsearch:
hosts:
["10.100.x.x:9200","10.100.x.x:9200"]
username: "user"
password: "pwd"
index: logstash-oraclelog-%{+YYYY.MM.dd}
logging.level: info
logging.to_files: true
logging.to_syslog: false
logging.files:
path: /var/log/filebeat
name: filebeat.log
keepfiles: 7
rotateeverybytes: 10485760
#######################
四 filebeat 收集 redis
#######################
filebeat.prospectors:
- input_type: log
paths:
-
/data/redisdb/log/sentinel.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["sentinel"]
- input_type: log
paths:
-
/data/redis-4.0.2/log/sentinel.log
encoding: utf-8
scan_frequency: 10s
harvester_buffer_size: 16384
# tail_files: false
tags: ["sentinel"]
output.elasticsearch:
hosts:
["10.100.x.x:9200","10.100.x.x:9200"]
username: "user"
password: "pwd"
index: logstash-redislog-%{+YYYY.MM.dd}
logging.level: info
logging.to_files: true
logging.to_syslog: false
logging.files:
path: /var/log/filebeat
name: filebeat.log
keepfiles: 7
rotateeverybytes: 10485760
加载中,请稍候......
加载中…
喜欢