web服务器安装jdk,安装Tomcat还有logstash
安装jdk
[root@es-web1 ~]# apt install openjdk-8-jdk -y
使用dpkg安装logstash(需要修改启动文件,让logstash以root身份启动。注意:以root运行日志采集进程不符合最小权限原则,生产环境更稳妥的做法是保留logstash用户,只授予它所需日志文件的读权限)
[root@es-web1 src]# dpkg -i logstash-7.12.1-amd64.deb
创建目录
[root@es-web1 ~]# mkdir /apps
解压
[root@es-web1 apps]# tar xf apache-tomcat-8.5.54.tar.gz
制作软链接
[root@es-web1 apps]# ln -sv /apps/apache-tomcat-8.5.54 /apps/tomcat
'/apps/tomcat' -> '/apps/apache-tomcat-8.5.54'
创建目录
[root@es-web1 webapps]# pwd
/apps/tomcat/webapps
[root@es-web1 webapps]# mkdir myapp
添加数据
[root@es-web1 webapps]# vim myapp/index.jsp
myapp for 172.31.2.107
启动
[root@es-web1 tomcat]# ./bin/catalina.sh start
测试:
http://172.31.2.107:8080/myapp/
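修改Tomcat配置,让访问日志以JSON格式输出(pattern属性值里的双引号在server.xml中必须写成&quot;,否则XML无法解析。另外%q、Referer、User-Agent都来自客户端,可能带有令牌等敏感参数,也可能是刻意构造的内容,下游解析和展示时应按不可信数据处理)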
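[root@es-web1 tomcat]# vim conf/server.xml
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="tomcat_access_log" suffix=".log" pattern="{&quot;clientip&quot;:&quot;%h&quot;,&quot;ClientUser&quot;:&quot;%l&quot;,&quot;authenticated&quot;:&quot;%u&quot;,&quot;AccessTime&quot;:&quot;%t&quot;,&quot;metod&quot;:&quot;%r&quot;,&quot;status&quot;:&quot;%s&quot;,&quot;SendBytes&quot;:&quot;%b&quot;,&quot;Query?string&quot;:&quot;%q&quot;,&quot;partner&quot;:&quot;%{Referer}i&quot;,&quot;AgentVersion&quot;:&quot;%{User-Agent}i&quot;}"/>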
停止
[root@es-web1 tomcat]# ./bin/catalina.sh stop
启动
[root@es-web1 tomcat]# ./bin/catalina.sh start
查看日志
[root@es-web1 tomcat]# tail -f logs/tomcat_access_log.2021-08-25.log
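在原来的基础上编写logstash配置(注意:示例中的elasticsearch输出使用明文HTTP且没有认证,只适合隔离的实验环境;生产环境应在Elasticsearch上启用TLS和身份认证,并在output里配置对应的user、password和ssl相关选项。另外,若希望Tomcat的JSON访问日志被拆成独立字段,codec => "json"应写在对应的file input里;写在elasticsearch output里不会解析message)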
root@long:/usr/local/src# vim /etc/logstash/conf.d/system-log-es.conf
input {
  file {
    path => "/var/log/bootstrap.log"
    start_position => "beginning"
    stat_interval => 3
    type => "bootstrap"
  }
  file {
    path => "/apps/tomcat/logs/tomcat_access_log.*.log"
    start_position => "beginning"
    stat_interval => 3
    type => "tomcat-accesslog"
  }
}
output {
  if [type] == "bootstrap"{
    elasticsearch {
      hosts => ["172.31.2.101:9200"]
      index => "long-bootstrap-log-%{+YYYY.MM.dd}"
    }
  }
  if [type] == "tomcat-accesslog"{
    elasticsearch {
      hosts => ["172.31.2.101:9200"]
      index => "long-tomcat-accesslog-%{+YYYY.MM.dd}"
      codec => "json"
    }
  }
}
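修改访问日志的权限(注意:644会让本机所有用户都能读取访问日志,其中包含客户端IP、认证用户名和查询字符串;这条命令也只作用于当前已存在的文件,之后按日期新生成的日志文件不受它影响。更稳妥的做法是只给运行logstash的用户或组授予读权限)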
[root@es-web1 conf.d]# chmod 644 /apps/tomcat/logs/tomcat_access_log.*.log
重启
root@long:/usr/local/src# systemctl restart logstash
添加到kibana
略
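收集java日志并合并多行日志(下面先输出到stdout和/tmp/m.txt用于调试。/tmp是所有用户可写的目录,以root运行的logstash向固定文件名写入存在被符号链接利用的风险;调试结束后应去掉该file输出,或改写到仅logstash可写的目录)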
[root@linux-host1 ~]# vim /etc/logstash/conf.d/java.conf
input {
  file {
    path => "/apps/tomcat/logs/catalina.out"
    type => "javalog"
    start_position => "beginning"
    stat_interval => 3
    codec => multiline {
      pattern => "^\["
      negate => true
      what => "previous"
    }
  }
}
output {
  if [type] == "javalog" {
    stdout {
      codec => "rubydebug"
    }
    file {
      path => "/tmp/m.txt"
    }
  }
}
检查语法:
[root@linux-host1 ~]# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/java.conf -t
将输出改为elasticsearch:
更改后的内容如下(注意:multiline的pattern里不能使用模糊匹配的正则,不然会一直匹配下去):
[root@es-web1 ~]# cat /etc/logstash/conf.d/java-to-es.conf
input {
  file {
    path => "/apps/tomcat/logs/catalina.out"
    start_position => "beginning"
    stat_interval => 3
    type => "javalog"
    codec => multiline {
      pattern => "^\d+\-\w+\-[0-9]{4}"
      negate => true
      what => "previous"
    }
  }
}
output {
  if [type] == "javalog" {
    elasticsearch {
      hosts => ["172.31.2.101:9200"]
      index => "long-javalog-%{+YYYY.MM.dd}"
    }
  }
}
重启
[root@linux-host1 ~]# systemctl restart logstash
添加到kibana
略