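The ELK Stack (Elasticsearch, Logstash, and Kibana) is a popular solution for log collection, processing, and analysis. The following steps show how to use the ELK Stack on a Debian system to analyze JavaScript (JS) logs:
First, install Elasticsearch on the Debian system: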
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
sudo apt-get update && sudo apt-get install elasticsearch
Start the Elasticsearch service and enable it at boot:
sudo systemctl start elasticsearch
sudo systemctl enable elasticsearch
Next, install Logstash:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
sudo apt-get update && sudo apt-get install logstash
Start the Logstash service and enable it at boot:
sudo systemctl start logstash
sudo systemctl enable logstash
Finally, install Kibana:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
sudo apt-get update && sudo apt-get install kibana
Start the Kibana service and enable it at boot:
sudo systemctl start kibana
sudo systemctl enable kibana
Create a Logstash configuration file, /etc/logstash/conf.d/js_logs.conf, to collect and process the JS logs:
input {
  file {
    path => "/var/log/your-js-app.log"
    start_position => "beginning"
  }
}
filter {
  grok {
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }
  date {
    match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}
output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "js-logs-%{+YYYY.MM.dd}"
  }
}
Restart the Logstash service to apply the configuration:
sudo systemctl restart logstash
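The grok and date filters above only produce searchable fields when the application writes Apache combined-format lines; anything else is indexed with a failure tag and no parsed fields. The following added example (not part of the original page, and not Logstash code) approximates both filters in JavaScript so you can check sample lines from your application first. The function names, the regex, the legacy field names (clientip, response, and so on) and the sample lines are assumptions made for illustration.

```javascript
// Added example: a rough JavaScript equivalent of the grok + date filters above.
// The regex approximates %{COMBINEDAPACHELOG}; it is not Logstash's own pattern.
const COMBINED = /^(\S+) (\S+) (\S+) \[([^\]]+)\] "(\S+) (\S+)(?: HTTP\/([\d.]+))?" (\d{3}) (?:(\d+)|-) "([^"]*)" "([^"]*)"$/;
const FIELDS = ["clientip", "ident", "auth", "timestamp", "verb", "request",
                "httpversion", "response", "bytes", "referrer", "agent"];
const MONTHS = { Jan: 0, Feb: 1, Mar: 2, Apr: 3, May: 4, Jun: 5,
                 Jul: 6, Aug: 7, Sep: 8, Oct: 9, Nov: 10, Dec: 11 };

// Parse "dd/MMM/yyyy:HH:mm:ss Z" (the date filter's format) into an ISO 8601 UTC string.
function parseTimestamp(ts) {
  const m = /^(\d{2})\/([A-Za-z]{3})\/(\d{4}):(\d{2}):(\d{2}):(\d{2}) ([+-])(\d{2})(\d{2})$/.exec(ts);
  if (!m || !(m[2] in MONTHS)) return null;
  const utc = Date.UTC(+m[3], MONTHS[m[2]], +m[1], +m[4], +m[5], +m[6]);
  const offsetMin = (m[7] === "-" ? -1 : 1) * (+m[8] * 60 + +m[9]);
  return new Date(utc - offsetMin * 60000).toISOString();
}

// Return an event shaped like the pipeline's output: parsed fields, or a failure tag.
function parseLine(message) {
  const m = COMBINED.exec(message);
  if (!m) return { message, tags: ["_grokparsefailure"] };
  const event = { message };
  FIELDS.forEach((name, i) => { if (m[i + 1] !== undefined) event[name] = m[i + 1]; });
  const iso = parseTimestamp(event.timestamp);
  if (iso) event["@timestamp"] = iso; else event.tags = ["_dateparsefailure"];
  return event;
}

// Constructed sample lines: one in combined format, one free-form error output.
const SAMPLE = [
  '203.0.113.7 - alice [10/Oct/2023:13:55:36 +0200] "GET /api/items?id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
  'Error: connect ECONNREFUSED 127.0.0.1:5432',
];

// Count lines the pipeline would index without usable fields.
function countFailures(lines) {
  return lines.map(parseLine).filter(e => e.tags).length;
}

console.log(SAMPLE.map(parseLine), "failures:", countFailures(SAMPLE));
```

In Kibana, filtering on the `_grokparsefailure` tag shows the same unparsed lines after ingestion.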
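Create an index pattern in Kibana so that you can search and visualize the JS log data stored in Elasticsearch. Open http://localhost:5601 and, under the "Management" tab, create an index pattern that matches js-logs-*.
Use Kibana to build charts and dashboards to monitor and analyze the JS logs in real time. You can create various chart types, such as bar charts and line charts, to show different dimensions of the log data.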