This is a short step-by-step guide on installing ElasticSearch LogStash and Kibana Stack on a CentOS environment to gather and analyze logs.
rpm -ivh https://dl.dropboxusercontent.com/u/5756075/jdk-7u45-linux-x64.rpm
#!/bin/bash | |
/sbin/ss -ant | awk "{if (NR>1) {state[\$1]++}} END {host = \"-\"; \ | |
for (i in state) {s=i; \ | |
sub (/ESTAB/, \"establ\", s); sub (/LISTEN/, \"listen\", s); sub (/SYN-SENT/, \"synsent\", s); \ | |
sub (/SYN-RECV/, \"synrecv\", s); sub (/FIN-WAIT-1/, \"finw1\", s); sub (/FIN-WAIT-2/, \"finw2\", s); \ | |
sub (/CLOSE-WAIT/, \"closew\", s); sub (/TIME-WAIT/, \"timew\", s); print host, \"tcp.\"s, state[i]}}" \ | |
| /usr/bin/zabbix_sender -vv -c /etc/zabbix/zabbix_agentd.conf -i - 2>&1 | |
echo "1" | |
exit 0 |
#!/bin/bash | |
MONGODB_REPO="/etc/yum.repos.d/10gen-mongodb.repo" | |
CENTOS_REPO="/etc/yum.repos.d/CentOS-Base.repo" | |
EPEL_REPO="/etc/yum.repos.d/epel.repo" | |
PASSENGER_REPO="/etc/yum.repos.d/passenger.repo" | |
APP_ROOT="/opt" | |
[ -f "$APP_ROOT" ] || mkdir -p $APP_ROOT |
# Configuration file for runtime kernel parameters. | |
# See sysctl.conf(5) for more information. | |
# See also http://www.nateware.com/linux-network-tuning-for-2013.html for | |
# an explanation about some of these parameters, and instructions for | |
# a few other tweaks outside this file. | |
# Protection from SYN flood attack. | |
net.ipv4.tcp_syncookies = 1 |
Graphite does two things:
What Graphite does not do is collect data for you, however there are some tools out there that know
I'm looking to centralize logging for our dev team into Elasticsearch via Logstash. The wrinkle is that we aren't a Java shop, so installing java on our hosts just to ship logs back to a central Logstash indexer is something we'd like to avoid. So, I'm approaching things as a chance to understand RSyslog and its capabilities as a log shipper.
Uncomment the following lines in /etc/rsyslog.conf
. This will enable the rsyslog daemon to listen for incoming requests on TCP port 514. We're using TCP here so that we can have some confidence that the messages from the agent hosts reach the indexer. (More on this below)
upstream fastcgi_backend { | |
server unix:/var/run/php5-fpm.sock; | |
} | |
server { | |
listen 80; | |
## Ex. yourdomain.com | |
server_name mage.dev; | |
## Define project root | |
set $MAGE_ROOT /var/www/magento2; |
# to generate your dhparam.pem file, run in the terminal | |
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
#!/bin/bash | |
MONGODB_REPO="/etc/yum.repos.d/10gen-mongodb.repo" | |
if [ -f ${MONGODB_REPO} ]; then | |
echo "$MONGODB_REPO found" | |
else | |
cat << 'EOF' > ${MONGODB_REPO} | |
[10gen] | |
name=10gen Repository |
#!/bin/bash | |
INSTALL_ROOT="/opt" | |
echo "Installing ElasticSearch..." | |
cd $INSTALL_ROOT | |
curl -L http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-0.20.1.tar.gz | tar -xz | |
ln -s elasticsearch-0.20.1/ elasticsearch | |
echo "Installing ElasticSearch service wrapper..." |