filebeat 配置文件
root@Product3:/etc/filebeat#catfilebeat.yml filebeat.prospectors: -type:log enabled:true paths: -/var/www/bigbear_server/shared/log/ms.log fields: log_tpics:server -type:log enabled:true paths: -/var/www/bigbear_sidekiq/shared/log/ms.log fields: log_tpics:sidekiq -type:log enables:true paths: -/application/Nginx/logs/access810*.log fields: log_tpics:Nginx output.logstash: hosts:["x.x.x.x:5044"]
Logstash配置文件
root@Product4:/application/logstash-6.2.4/bin#cat../config/02-beats-input.conf input{ beats{ #host=>"x.x.x.x" codec=>plain{charset=>"UTF-8"} port=>5044 #ssl=>true #ssl_certificate=>"/etc/pki/tls/certs/logstash-forwarder.crt" #ssl_key=>"/etc/pki/tls/private/logstash-forwarder.key" } } output{ elasticsearch{ codec=>plain{charset=>"UTF-8"} hosts=>"http://localhost:9200" #sniffing=>true manage_template=>false index=>"%{[fields][log_topics]}--%{+YYYY.MM.dd}" document_type=>"%{[@Metadata][type]}" } }
查看logstash的打开文件数和描述
root@Product4:/application/logstash-6.2.4/bin#curl-XGET'localhost:9600/_node/stats/process?pretty'
{
"host":"Product4","version":"6.2.4","http_address":"127.0.0.1:9600","id":"6e6fc083-b27e-4227-8dd4-dec6bcc5ff4d","name":"Product4","process":{
"open_file_descriptors":146,"peak_open_file_descriptors":147,"max_file_descriptors":65536,"mem":{
"total_virtual_in_bytes":14873796608
},"cpu":{
"total_in_millis":134210,"percent":0,"load_average":{
"1m":0.79,"5m":0.77,"15m":0.48
}
}
}
}
注意“open_file_descriptors”和“peak_open_file_descriptors”,我们看到那些超过1000(当它们通常在100和500之间时)。当该措施达到四位或五位数时,logstash正在降低(或已经下降)
当上述计数器位于5位时,“lsof -p LogstashPID | wc -l”命令仍会返回一个更小的数字(小于400)。
例如,在上面的例子中,logstash在达到10000的时候已经下降了。(Prob更早)
但我还不知道从这里做什么。
原文地址:https://www.jb51.cc/ubuntu/349369.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
