win10下安装Elasticsearch和kibana教程
一、安装jdk
1、下载网址:https://www.oracle.com/java/technologies/javase-jdk8-downloads.html
2、安装下载后的jdk
3、配置环境变量
二、下载Elasticsearch
1、下载网址:https://www.elastic.co/downloads/elasticsearch
2、将下载好的es安装包在自己的目录解压
3、进入安装目录,执行命令 ./bin/elasticsearch.bat(或进入bin目录双击elasticsearch.bat文件运行)启动
4、访问http://localhost:9200/
{
"name" : "DESKTOP-TDN2HSE",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "JvGLMa7HSaSFypB6eOitYQ",
"version" : {
"number" : "7.6.2",
"build_flavor" : "default",
"build_type" : "zip",
"build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
"build_date" : "2020-03-26T06:34:37.794943Z",
"build_snapshot" : false,
"lucene_version" : "8.4.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
返回如上json字符串,即表明es安装成功
5、如启动不成功,根究对应的错误提示操作
1)、如 not fund java一类的错误,请仔细检查jdk环境变量是否配置正确;
2)、JAVA_HOME中不要带有特殊符号(如:D:\Program Files\Java\jdk1.8.0_211)
3)、path中配置不要带磁盘符(如:;%JAVA_HOME%\bin;%JAVA_HOME%\jre;
而非D:;%JAVA_HOME%\bin;%JAVA_HOME%\jre;)
4)、不要带有空格
三、安装kibana插件
1、下载网址:https://www.elastic.co/downloads/kibana
2、将下载后的kibana解压到自己的文件夹
3、进入安装目录,执行命令./bin/kibana.bat(或进入bin目录双击kibana.bat)启动kibana插件
log [08:39:01.137] [info][plugins-service] Plugin "case" is disabled.
log [08:39:33.985] [info][plugins-system] Setting up [37] plugins: [taskManager,siem,licensing,infra,code,encryptedSavedObjects,timelion,features,security,usageCollection,metrics,canvas,apm_oss,translations,reporting,uiActions,data,navigation,share,status_page,newsfeed,inspector,embeddable,advancedUiActions,dashboard_embeddable_container,expressions,visualizations,kibana_legacy,management,dev_tools,home,spaces,cloud,apm,graph,eui_utils,bfetch]
log [08:39:33.987] [info][plugins][taskManager] Setting up plugin
log [08:39:33.999] [info][plugins][siem] Setting up plugin
log [08:39:34.000] [info][licensing][plugins] Setting up plugin
log [08:39:34.002] [info][infra][plugins] Setting up plugin
log [08:39:34.003] [info][code][plugins] Setting up plugin
log [08:39:34.003] [info][encryptedSavedObjects][plugins] Setting up plugin
log [08:39:34.004] [warning][config][encryptedSavedObjects][plugins] Generating a random key for xpack.encryptedSavedObjects.encryptionKey. To be able to decrypt encrypted saved objects attributes after restart, please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml
log [08:39:34.008] [info][plugins][timelion] Setting up plugin
log [08:39:34.009] [info][features][plugins] Setting up plugin
log [08:39:34.010] [info][plugins][security] Setting up plugin
log [08:39:34.011] [warning][config][plugins][security] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml
log [08:39:34.011] [warning][config][plugins][security] Session cookies will be transmitted over insecure connections. This is not recommended.
log [08:39:34.024] [info][plugins][usageCollection] Setting up plugin
log [08:39:34.026] [info][metrics][plugins] Setting up plugin
log [08:39:34.027] [info][canvas][plugins] Setting up plugin
log [08:39:34.030] [info][apm_oss][plugins] Setting up plugin
log [08:39:34.031] [info][plugins][translations] Setting up plugin
log [08:39:34.031] [info][data][plugins] Setting up plugin
log [08:39:34.035] [info][plugins][share] Setting up plugin
log [08:39:34.036] [info][home][plugins] Setting up plugin
log [08:39:34.040] [info][plugins][spaces] Setting up plugin
log [08:39:34.043] [info][cloud][plugins] Setting up plugin
log [08:39:34.044] [info][apm][plugins] Setting up plugin
log [08:39:34.049] [info][graph][plugins] Setting up plugin
log [08:39:34.051] [info][bfetch][plugins] Setting up plugin
log [08:39:34.057] [info][savedobjects-service] Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations...
log [08:39:34.123] [info][savedobjects-service] Starting saved objects migrations
log [08:39:34.141] [info][savedobjects-service] Creating index .kibana_task_manager_1.
log [08:39:34.152] [info][savedobjects-service] Creating index .kibana_1.
log [08:39:34.879] [info][savedobjects-service] Pointing alias .kibana_task_manager to .kibana_task_manager_1.
log [08:39:34.949] [info][savedobjects-service] Pointing alias .kibana to .kibana_1.
log [08:39:35.025] [info][savedobjects-service] Finished in 884ms.
log [08:39:35.061] [info][savedobjects-service] Finished in 927ms.
log [08:39:35.062] [info][plugins-system] Starting [22] plugins: [taskManager,siem,licensing,infra,code,encryptedSavedObjects,timelion,features,security,usageCollection,metrics,canvas,apm_oss,translations,data,share,home,spaces,cloud,apm,graph,bfetch]
log [08:39:40.386] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.389] [info][status][plugin:[email protected]] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [08:39:40.389] [info][status][plugin:[email protected]] Status changed from yellow to green - Ready
log [08:39:40.391] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.396] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.402] [info][kibana-monitoring][monitoring] Starting monitoring stats collection
log [08:39:40.403] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.408] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.413] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.415] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.417] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.455] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.457] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.461] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.465] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.467] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.472] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.485] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.494] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.505] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.509] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.514] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.516] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.519] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.530] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.532] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.533] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.543] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.548] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.566] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.569] [info][plugins][taskManager][taskManager] TaskManager is identified by the Kibana UUID: 0802300b-f729-4324-85b5-f34047248299
log [08:39:40.570] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.572] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.583] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.585] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.594] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.603] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.647] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.651] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.654] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.665] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.680] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.683] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.685] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.688] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.691] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.704] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.709] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.712] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.713] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.715] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.718] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:40.723] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.195] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.197] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.198] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.199] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.201] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.202] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:41.203] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:42.307] [warning][reporting] Generating a random key for xpack.reporting.encryptionKey. To prevent pending reports from failing on restart, please set xpack.reporting.encryptionKey in kibana.yml
log [08:39:42.311] [info][status][plugin:[email protected]] Status changed from uninitialized to green - Ready
log [08:39:42.338] [info][listening] Server running at http://localhost:5601
log [08:39:47.421] [info][server][Kibana][http] http server running at http://localhost:5601
出现以上信息即为启动成功
4、访问http://localhost:5601/app/kibana#/dev_tools/console
进入kibana工具页面,进行es的相关操作。
5、直接关闭会导致kibana的进程一直被占用,会出现kibana关不掉的情况
解决办法:(本方案适用于解决所有进程占用,程序关不掉的情况)
1)、需要记住一直被占用的进程的端口号
2)、打开cmd命令窗口
3)、输入命令netstat -aon|findstr "5601" 查看当前端口被什么进程占用
4)、当通过第三步命令找到占用"5601"端口的进程PID
5)、通过命令tasklist|findstr "PID"找到占用当前端口的进程
6)、找到占用"5601"端口的node.exe程序,使用命令 taskkill /f /t /im node.exe结束当前进程即可
四、安装logstash插件
1、下载网址:https://www.elastic.co/downloads/logstash
2、将下载的logstash zip文件解压到自己的文件夹下
3、进入安装目录,执行命令./bin/logstash.bat -f ./config/logstash-sample.conf启动logstash插件
Sending Logstash logs to D:/developtools/logstash-7.6.2/logs which is now configured via log4j2.properties
[2020-04-28T17:25:25,321][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2020-04-28T17:25:25,400][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"7.6.2"}
[2020-04-28T17:25:25,421][INFO ][logstash.agent ] No persistent UUID file found. Generating new UUID {:uuid=>"62336d16-4060-40ad-bf3f-455adf6e4405", :path=>"D:/developtools/logstash-7.6.2/data/uuid"}
[2020-04-28T17:25:26,676][INFO ][org.reflections.Reflections] Reflections took 31 ms to scan 1 urls, producing 20 keys and 40 values
[2020-04-28T17:25:27,449][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://localhost:9200/]}}
[2020-04-28T17:25:27,595][WARN ][logstash.outputs.elasticsearch][main] Restored connection to ES instance {:url=>"http://localhost:9200/"}
[2020-04-28T17:25:27,633][INFO ][logstash.outputs.elasticsearch][main] ES Output version determined {:es_version=>7}
[2020-04-28T17:25:27,637][WARN ][logstash.outputs.elasticsearch][main] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>7}
[2020-04-28T17:25:27,684][INFO ][logstash.outputs.elasticsearch][main] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["http://localhost:9200"]}
[2020-04-28T17:25:27,721][INFO ][logstash.outputs.elasticsearch][main] Using default mapping template
[2020-04-28T17:25:27,748][WARN ][org.logstash.instrument.metrics.gauge.LazyDelegatingGauge][main] A gauge metric of an unknown type (org.jruby.specialized.RubyArrayOneObject) has been created for key: cluster_uuids. This may result in invalid serialization. It is recommended to log an issue to the responsible developer/development team.
[2020-04-28T17:25:27,752][INFO ][logstash.javapipeline ][main] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>6, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>750, "pipeline.sources"=>["D:/developtools/logstash-7.6.2/config/logstash-sample.conf"], :thread=>"#" }
[2020-04-28T17:25:27,779][INFO ][logstash.outputs.elasticsearch][main] Attempting to install template {:manage_template=>{"index_patterns"=>"logstash-*", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s", "number_of_shards"=>1}, "mappings"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"*", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}
[2020-04-28T17:25:27,795][INFO ][logstash.outputs.elasticsearch][main] Installing elasticsearch template to _template/logstash
[2020-04-28T17:25:28,324][INFO ][logstash.inputs.beats ][main] Beats inputs: Starting input listener {:address=>"0.0.0.0:5044"}
[2020-04-28T17:25:28,338][INFO ][logstash.javapipeline ][main] Pipeline started {"pipeline.id"=>"main"}
[2020-04-28T17:25:28,423][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2020-04-28T17:25:28,449][INFO ][org.logstash.beats.Server][main] Starting server on port: 5044
[2020-04-28T17:25:28,681][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
出现以上信息即为启动成功
4、访问http://localhost:9600/ 出现以下信息
{"host":"DESKTOP-TDN2HSE","version":"7.6.2","http_address":"127.0.0.1:9600","id":"62336d16-4060-40ad-bf3f-455adf6e4405","name":"DESKTOP-TDN2HSE","ephemeral_id":"28976125-8b4f-4735-81f3-1209de9ee07a","status":"green","snapshot":false,"pipeline":{"workers":6,"batch_size":125,"batch_delay":50},"build_date":"2020-03-26T08:53:57+00:00","build_sha":"d106e8b43ddb28a10b529298e3c1dc6ddc9da2ce","build_snapshot":false}
五、图形化界面工具
1、图形化界面cerebro
1)、下载地址:https://github.com/lmenezes/cerebro/releases
2)、将下载的cerebro-0.9.0.zip文件解压自己的目录
3)、使用命令./bin/cerebro.bat启动cerebro
[info] play.api.Play - Application started (Prod) (no global state)
[info] p.c.s.AkkaHttpServer - Listening for HTTP on /0:0:0:0:0:0:0:0:9000
出现上诉信息即为启动成功
4)、访问http://localhost:9000/ 输入需要连接的es即可,注意带上http
2、图形化界面ElasticHD
1)、下载地址:https://github.com/360EntSecGroup-Skylar/ElasticHD/releases
2)、将下载的elasticHD_windows_amd64.zip解压到自己的目录下
3)、双击ElasticHD.exe文件运行ElasticHD
4)、需注意的是双击时会自动打开一个页面显示500错误,关闭该页面,
在Google浏览器访问http://localhost:9800/ 即可
