ELKF日志系统收集nginx日志（非SSL非集群）

2025年3月23日　wuhao

暂无评论　121次浏览

当前系统版本RockyLinux8.9，配置4核8G，nginx安装参考wlnmp一键安装包，自行关闭或配置selinux、firewalld。日志收集流程：Filebeat将日志数据发送到Logstash，Logstash进行过滤、转换，然后将数据发送到E … 阅读全文

Elasticsearch报错memory locking

2024年2月25日　wuhao

暂无评论　1,127次浏览

当前elasticsearch版本8.11.4，报错内容如下：

[ERROR][o.e.b.Elasticsearch      ] [ceph1] node validation exception
[1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch. For more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/bootstrap-checks.html]
bootstrap check failure [1] of [1]: memory locking requested for elasticsearch process but memory is not locked; for more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/_memory_lock_check.html]

[ERROR][o.e.b.Elasticsearch ] [ceph1] node validation exception

[1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch. For more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/bootstrap-checks.html]

bootstrap check failure [1] of [1]: memory locking requested for elasticsearch process but memory is not locked; for more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/_memory_lock_check.html]

这是因为在elasticsearch配置文件中开启了bootstrap.memory_lock: true参数。解决办法： 1、 … 阅读全文

Elasticsearch报错initial heap size

2024年2月17日　wuhao

暂无评论　1,066次浏览

当前elasticsearch版本8.11.4，报错内容如下：

[ERROR][o.e.b.Elasticsearch      ] [ceph1] node validation exception
[1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch. For more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/bootstrap-checks.html]
bootstrap check failure [1] of [1]: initial heap size [2147483648] not equal to maximum heap size [4294967296]; this can cause resize pauses and prevents memory locking from locking the entire heap; for more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/_heap_size_check.html]

[ERROR][o.e.b.Elasticsearch ] [ceph1] node validation exception

bootstrap check failure [1] of [1]: initial heap size [2147483648] not equal to maximum heap size [4294967296]; this can cause resize pauses and prevents memory locking from locking the entire heap; for more information see [https://www.elastic.co/guide/en/elasticsearch/reference/8.11/_heap_size_check.html]

这是因为jvm的参数原因，把jvm的参数设置为相等，我这里基于rpm包安装的，所以修改以下配置。 [crayon-67e8d19f … 阅读全文

EFK环境收集MySQL慢日志

2022年11月20日　wuhao

暂无评论　2,054次浏览

本文通过EFK（Elasticsearch、Fluentd、Kibana）来收集MySQL慢日志，当前系统环境基于Centos7，MySQL基于wlnmp一键包安装。本文由吴昊博客全网首发。注意文中软件版本，版本不同可能会影响最终结果，本文未在新版中进行测试 … 阅读全文

elasticsearch-head插件安装

2018年5月27日　wuhao

暂无评论　7,645次浏览

一定要安装bzip2包、一定要安装bzip2包、一定要安装bzip2包 1、下载head插件源码

cd /usr/local/src
git clone https://github.com/mobz/elasticsearch-head.git
cd elasticsearch-head

cd /usr/local/src

git clone https://github.com/mobz/elasticsearch-head.git

cd elasticsearch-head

2、安装npm（确保你配置了epel源） [crayon-67e8d19f4b619865712 … 阅读全文

ELK6.2搭建部署

2018年5月19日　wuhao

暂无评论　6,519次浏览

ELK是三个软件产品的首字母缩写，Elasticsearch，Logstash和Kibana。这三款软件都是开源的，现在归于Elastic.co公司。在这套系统中，Elasticsearch主要充当一个全文检索和分析引擎，Logstash是一款分布式日志收集 … 阅读全文