elasticsearch


Shipping your Nginx logs to Elasticsearch using Logstash

First, create a new log format in /etc/nginx/nginx.conf and add or replace the access log directive:

    log_format logstash '$http_host '
                        '$remote_addr [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent" '
                        '$request_time '
                        '$upstream_response_time';
    access_log /var/log/nginx/access.log logstash;

Install Elasticsearch as described here. Install Logstash as described here. Add the following pattern to Logstash in /opt/logstash/patterns/nginx: NGUSERNAME […]


Install Elasticsearch on Debian/Ubuntu

Install Java:

    apt-get update
    apt-get install -y openjdk-8-jre openjdk-8-jre-headless

On older Debian releases you may only find openjdk-7-jre openjdk-7-jre-headless instead. Add the repository and install Elasticsearch:

    wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
    apt-get install -y apt-transport-https software-properties-common
    add-apt-repository "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
    apt-get update
    apt-get install -y elasticsearch

On older Debian releases […]


Installing an Elasticsearch Cluster with 2 Nodes

Download the latest version of Elasticsearch from here and unpack it to /opt:

    cd /opt
    wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.4.tar.gz
    tar -xvpf elasticsearch-1.3.4.tar.gz
    ln -s elasticsearch-1.3.4 elasticsearch

Given you want to create a cluster named my-ecs-cluster, having 2 nodes with IP addresses 192.168.45.21 and 192.168.45.21 (change them according to your setup, you might also want to use hostnames instead of […]