Nginx+Logstash+Elasticsearch+Grafana+Worldmap Panel

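Recently I have been looking into Grafana for building monitoring dashboards. For combining Grafana with Zabbix, see https://tech.cuixiangbin.com/?p=994

Today let's look at something more advanced: Nginx+Logstash+Elasticsearch+Grafana+Worldmap Panel

First, a screenshot of the result:

The Nginx log_format is as follows: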

log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" $http_x_forwarded_for';

Logstash

[logstash-5.x]
name=Elastic repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

#yum -y install logstash

logstash_nginx.conf

input {
    file {
        type => "nginx.access"
        path => "/tmp/access.log"
        start_position => "beginning"
    }
}

filter {
  grok {
      match => {
        "message" => "%{COMBINEDAPACHELOG}"
      }
  }
  geoip {
      source => "clientip"
      target => "geoip"
      add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]
      add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}"  ]
  }
  mutate {
      convert => [ "[geoip][coordinates]", "float"]
  }
}

output {
    elasticsearch {
        hosts => ["192.168.1.1:9200"]
        index => "access-%{+YYYY.MM.dd}"
    }
    stdout {
        codec => json_lines
    }
}
#cd /usr/share/logstash/
#bin/logstash -f config/logstash_nginx.conf
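
Before pointing Logstash at a log file, it helps to check how many lines actually match the log_format above and how many client addresses can be placed on a map at all. The following Python check is an added example, not part of the original post; the regex, function names and sample lines are constructed for illustration.

```python
import ipaddress
import re

# Mirrors the page's log_format "access": the combined format plus a trailing
# $http_x_forwarded_for field, which %{COMBINEDAPACHELOG} leaves unparsed.
ACCESS_RE = re.compile(
    r'(?P<clientip>\S+) - (?P<user>\S+) \[(?P<timestamp>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\d+|-) '
    r'"(?P<referrer>[^"]*)" "(?P<agent>[^"]*)" (?P<xff>.+)$'
)

def parse_line(line):
    """Return a dict of fields, or None when the line does not fit the format."""
    m = ACCESS_RE.match(line.rstrip("\n"))
    if m is None:
        return None
    event = m.groupdict()
    try:
        ip = ipaddress.ip_address(event["clientip"])
    except ValueError:
        return None
    # Only globally routable addresses can be geolocated; private, loopback
    # and reserved ranges will not yield coordinates.
    event["mappable"] = ip.is_global
    # "-" means no X-Forwarded-For header was sent. The header is supplied by
    # the client, so it is kept for review but not trusted for location.
    xff = event["xff"]
    event["xff"] = None if xff == "-" else [p.strip() for p in xff.split(",")]
    return event

def summarize(lines):
    """Count lines that are mappable, unmappable, or do not parse."""
    counts = {"mappable": 0, "unmappable": 0, "unparsed": 0}
    for line in lines:
        event = parse_line(line)
        if event is None:
            counts["unparsed"] += 1
        else:
            counts["mappable" if event["mappable"] else "unmappable"] += 1
    return counts

# Constructed sample lines in the page's log_format (not real traffic).
SAMPLE = [
    '8.8.8.8 - - [10/Oct/2017:13:55:36 +0800] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" -',
    '192.168.1.20 - - [10/Oct/2017:13:55:40 +0800] "GET /admin HTTP/1.1" 403 169 "-" "Mozilla/5.0" 203.0.113.7, 10.0.0.2',
    'not an access log line',
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```
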

Elasticsearch

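The installation is a bit long to cover here; I will write it up later when I have time. For now it is enough to confirm that the access-%{+YYYY.MM.dd} index is being received.

Grafana

This was already installed earlier when I combined it with Zabbix.

So here we just install the worldmap panel directly:

grafana-cli plugins install grafana-worldmap-panel

Next, configure ES as a Grafana data source.

Then configure the worldmap panel.

That completes the configuration.

PS: I have heard that geohash can be used to get a display accurate to the prefecture (city) level rather than the country level. I have not gotten it working yet, so stay tuned for updates.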
