本文共 3105 字,大约阅读时间需要 10 分钟。
-
Overview
《》
《》
《》
-
Installation
The full stack consists of :
Beats,APM Server,Elasticsearch,Elasticsearch Hadoop,Kibana,Logstash..
After completing the installation process, learn how to implement a system monitorinng solution that uses Metricbeat to collect server metrics and ship the data to Elasticsearch. Then use Kibana to search and visualize the data.
《》
-
Elasticsearch is the distributed search and analytics engine at the heart of the Elastic Stack.
Logstash and Beats facilitate collecting, aggregating, and enriching your data and storing it in Elasticsearch.
Kibana enables you to interactively explore, visualize, and share insights you into your data and manage and monitor the stack. 所有与elastic的交互操作可以通过RestfulAPI进行,这个Kibana是对应的可视化工具。
Elasticsearch is where the indexing, search, and analysis magic happens.
is an inbuilt part of Kibana.
Logstash is an open source data collection engine with real-time pipelining capabilities.
is a single, unified way to add monitoring for logs, metrics, and other types of data to each host.
provides a web-based UI in Kibana to add and manage integrations for popular services and platforms, as well as manage a fleet of Elastic Agents.
are open source data shippers that you install as agets on your servers to send operational data to Elasticsearch.
-
The Logs app in Kibana enables you to search, filter, and tail all your logs ingested into Elasticseach. Instead of having to log into different servers, change diretories, and tail individual files, all your logs are avaiable in the Logs app.
-
中文理解基本概念
Elastic本质是一个分布式数据库,每台服务器可以运行多个Elastic实例;node: 单个Elastic实例称为一个节点node;多个节点构成一个集群(
cluster);Elastic会索引所有字段,处理后写入一个反向索引(Inverted Index);Elastic数据管理的顶层单位是Index,每个Index名字必须是小写,等同于数据库;Index里面单条的记录称为Document(文档)。许多条Document构成了一个Index。Document使用JSON格式表示。Index与Document之间,可以包含分组Type。不同的Type应该有类似的结构schema, -
从常用命令入手
# 查看elasticsearch是否启动成功curl localhost:9200如果elasticsearch安装在window的WSL系统上,在window上访问localhost并非wsl的localhost,参见《(20201209已解决)从window访问wsl地址》
# 查看当前节点的所有Indexcurl -X GET 'http://localhost:9200/_cat/indices?v'# 查看每个Index所包含的Typecurl 'localhost:9200/_mapping?pretty=true'# 新建Indexcurl -X PUT 'localhost:9200/weather' # 名为weather的Index# 删除Indexcurl -X DELETE 'localhost:9200/weather'# 向/Index/Type发送PUT请求,增加记录.1是此条记录的Idcurl -X PUT 'localhost:9200/accounts/person/1' -d '{ "user" : "name", "title" : "enginer", "desc" : "database mangement"}'# 不指定Id,通过POST请求新增记录curl -X POST 'localhost:9200/accounts/person' -d '{ "user" : "name", "title" : "enginer", "desc" : "database mangement"}'# 查看某条记录,pretty=true表示以易读格式返回curl 'localhost:9200/accounts/person/1?pretty=true'# 返回所有记录curl 'localhost:9200/accounts/person/_search'# 删除记录curl -X DELETE 'localhost:9200/accounts/person/1'# 更新某条记录,返回字段_version, result, created会发生改变curl -X PUT 'localhost:9200/accounts/person/1' -d '{ "user" : "张三", "title" : "工程师", "desc" : "数据库管理,软件开发"}' # 全文搜索:match查询,指定匹配字段desc里含有software或者time这个词;size指定返回记录数目,默认10curl 'localhost:9200/accounts/person/_search' -d '{ "query":{"match":{"desc":"software time"}}, “size”:1}' -
能看懂的教程
《》
《》
《》
《》
概念补充:
《》
《》
《》
发表评论
最新留言
关于作者
