tar zxvf jdk-7u67-linux-x64.tar.gz\?AuthParam\=1408083909_3bf5b46169faab84d36cf74407132b

mv jdk1.7.0_67 /usr/local/

cd /usr/local/

ln -s jdk1.7.0_67 jdk

chown -R root:root jdk/

export JAVA_HOME=/usr/local/jdk? ?

export JRE_HOME=$JAVA_HOME/jre

export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH

export PATH=$JAVA_HOME/bin:$PATH

export REDIS_HOME=/usr/local/redis

export ES_HOME=/usr/local/elasticsearch

export ES_CLASSPATH=$ES_HOME/config

java version "1.7.0_67"

Java(TM) SE Runtime Environment (build 1.7.0_67-b01)

Java HotSpot(TM) 64-Bit Server VM (build 24.65-b04, mixed mode)

wget http://download.redis.io/releases/redis-2.6.17.tar.gz

tar zxvf redis-2.6.17.tar.gz

mv redis-2.6.17 /usr/local/

cd /usr/local

ln -s redis-2.6.17 redis

cd /usr/local/redis

make

make install

Please select the redis port for this instance: [6379]

Selecting default: 6379

Please select the redis config file name [/etc/redis/6379.conf]

Selected default - /etc/redis/6379.conf

Please select the redis log file name [/var/log/redis_6379.log]

Selected default - /var/log/redis_6379.log

Please select the data directory for this instance [/var/lib/redis/6379]

Selected default - /var/lib/redis/6379

Please select the redis executable path [/usr/local/bin/redis-server]

daemonize yes

port 6379

timeout 300

tcp-keepalive 60

wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.2.tar.gz

tar zxvf elasticsearch-1.3.2.tar.gz

mv elasticsearch-1.3.2 /usr/local/

cd /usr/local/

ln -s elasticsearch-1.3.2 elasticsearch

elasticsearch/bin/elasticsearch -f

[2014-08-20 13:19:05,710][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] version[1.3.2], pid[19320], build[dee175d/2014-08-13T14:29:30Z]

[2014-08-20 13:19:05,727][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] initializing ...

[2014-08-20 13:19:05,735][INFO ][plugins? ? ? ? ? ? ? ? ? ] [Jackpot] loaded [], sites []

[2014-08-20 13:19:10,722][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] initialized

[2014-08-20 13:19:10,723][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] starting ...

[2014-08-20 13:19:10,934][INFO ][transport? ? ? ? ? ? ? ? ] [Jackpot] bound_address {inet[/0.0.0.0:9301]}, publish_address {inet[/61.x.x.x:9301]}

[2014-08-20 13:19:10,958][INFO ][discovery? ? ? ? ? ? ? ? ] [Jackpot] elasticsearch/5hUOX-2ES82s_0zvI9BUdg

[2014-08-20 13:19:14,011][INFO ][cluster.service? ? ? ? ? ] [Jackpot] new_master [Jackpot][5hUOX-2ES82s_0zvI9BUdg][Impala][inet[/61.x.x.x:9301]], reason: zen-disco-join (elected_as_master)

[2014-08-20 13:19:14,060][INFO ][http? ? ? ? ? ? ? ? ? ? ?] [Jackpot] bound_address {inet[/0.0.0.0:9201]}, publish_address {inet[/61.x.x.x:9201]}

[2014-08-20 13:19:14,061][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] started

[2014-08-20 13:19:14,106][INFO ][gateway? ? ? ? ? ? ? ? ? ] [Jackpot] recovered [0] indices into cluster_state

?

?

[2014-08-20 13:20:58,273][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] stopping ...

[2014-08-20 13:20:58,323][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] stopped

[2014-08-20 13:20:58,323][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] closing ...

[2014-08-20 13:20:58,332][INFO ][node? ? ? ? ? ? ? ? ? ? ?] [Jackpot] closed

{

? "status" : 200,

? "name" : "Steve Rogers",

? "version" : {

?? ?"number" : "1.3.2",

?? ?"build_hash" : "dee175dbe2f254f3f26992f5d7591939aaefd12f",

?? ?"build_timestamp" : "2014-08-13T14:29:30Z",

?? ?"build_snapshot" : false,

?? ?"lucene_version" : "4.9"

? },

? "tagline" : "You Know, for Search"

}

wget https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz

tar zxvf logstash-1.4.2.tar.gz

mv logstash-1.4.2 /usr/local

cd /usr/local

ln -s logstash-1.4.2 logstash

mkdir logstash/conf

chown -R root:root logstash

wget https://download.elasticsearch.org/kibana/kibana/kibana-3.1.0.tar.gz

tar zxvf kibana-3.1.0.tar.gz

mv kibana-3.1.0 /opt/htdocs/www/kibana

vi /opt/htdocs/www/kibana/config.js

iptables -A INPUT -p tcp -m tcp -s 118.x.x.x/16 --dport 9200 --j ACCEPT

#省略其它內容

?

# Remote logging syslog

source s_remote {

?? ? ? ?udp(ip(192.168.0.39) port(514));

};

?

#nginx log

source s_remotetcp {

?? ? ? ?tcp(ip(192.168.0.39) port(514) log_fetch_limit(100) log_iw_size(50000) max-connections(50) );

};

?

filter f_filter12? ? ?{ program('c1gstudio\.com'); };

?

#logstash syslog

destination d_logstash_syslog { udp("localhost" port(10999) localport(10998)? ); };

?

#logstash web

destination d_logstash_web { tcp("localhost" port(10997) localport(10996) ); };

?

log { source(s_remote); destination(d_logstash_syslog); };

?

log { source(s_remotetcp); filter(f_filter12); destination(d_logstash_web); };

input {

? udp {

?? ?port => 10999

?? ?type => syslog

? }

}

filter {

? if [type] == "syslog" {

?? ?grok {

?? ? ?match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }

?? ? ?add_field => [ "received_at", "%{@timestamp}" ]

?? ? ?add_field => [ "received_from", "%{host}" ]

?? ?}

?? ?syslog_pri { }

?? ?date {

?? ? ?match => [ "syslog_timestamp", "MMM? d HH:mm:ss", "MMM dd HH:mm:ss" ]

?? ?}

? }

}

?

output {

? elasticsearch {

? host => localhost? ?

? index => "syslog-%{+YYYY}"

}

}

input {

? tcp {

?? ?port => 10997

?? ?type => web

? }

}

filter {

? grok {

?? ?match => [ "message", "%{SYSLOGTIMESTAMP:syslog_timestamp} (?:%{SYSLOGFACILITY:syslog_facility} )?%{SYSLOGHOST:syslog_source} %{PROG:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{IPORHOST:clientip} - (?:%{USER:remote_user}|-) \[%{HTTPDATE:timestamp}\] \"%{WORD:method} %{URIPATHPARAM:request} HTTP/%{NUMBER:httpversion}\" %{NUMBER:status} (?:%{NUMBER:body_bytes_sent}|-) \"(?:%{URI:http_referer}|-)\" %{QS:agent} (?:%{IPV4:http_x_forwarded_for}|-)"]

?? ?remove_field => [ '@version?','host','syslog_timestamp','syslog_facility','syslog_pid']

? }

? date {

?? ?match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]

? }

?? useragent {

?? ? ? ?source => "agent"

?? ? ? ?prefix => "useragent_"

?? ? ? ?remove_field => [ "useragent_device", "useragent_major", "useragent_minor" ,"useragent_patch","useragent_os","useragent_os_major","useragent_os_minor"]

?? ?}

?? geoip {

?? ? ? ?source => "clientip"

?? ? ? ?fields => ["country_name", "region_name", "city_name", "real_region_name", "latitude", "longitude"]

?? ? ? ?remove_field => [ "[geoip][longitude]", "[geoip][latitude]","location","region_name" ]

?? ?}

}

?

output {

? #stdout { codec => rubydebug }

?redis {

?batch => true

?batch_events => 500

?batch_timeout => 5

?host => "127.0.0.1"

?data_type => "list"

?key => "logstash:web"

?workers => 2

?}

}

input {

? redis {

?? ?host => "127.0.0.1"

?? ?port => "6379"

?? ?key => "logstash:web"

?? ?data_type => "list"

?? ?codec? => "json"

?? ?type => "web"

? }

}

?

output {

? elasticsearch {

? flush_size => 5000

? host => localhost

? idle_flush_time => 10

? index => "web-%{+YYYY.MM.dd}"

? }

? #stdout { codec => rubydebug }

}

2.4mb]->[2.4mb]/[273mb]}{[survivor] [3.6mb]->[34.1mb]/[34.1mb]}{[old] [79.7mb]->[80mb]/[682.6mb]}

[2014-08-26 10:37:14,953][WARN ][monitor.jvm? ? ? ? ? ? ? ] [Red Shift] [gc][young][71044][54078] duration [43s], collections [1]/[46.1s], total [43s]/[26.5m], memory [384.7mb]->[123mb]/[989.8mb], all_pools {[young] [270.5mb]->[1.3mb]/[273mb]}{[survivor] [34.1mb]->[22.3mb]/[34.1mb]}{[old] [80mb]->[99.4mb]/[682.6mb]}

[2014-08-26 10:38:03,619][WARN ][monitor.jvm? ? ? ? ? ? ? ] [Red Shift] [gc][young][71082][54080] duration [6.6s], collections [1]/[9.1s], total [6.6s]/[26.6m], memory [345.4mb]->[142.1mb]/[989.8mb], all_pools {[young] [224.2mb]->[2.8mb]/[273mb]}{[survivor] [21.8mb]->[34.1mb]/[34.1mb]}{[old] [99.4mb]->[105.1mb]/[682.6mb]}

[2014-08-26 10:38:10,109][INFO ][cluster.service? ? ? ? ? ] [Red Shift] removed {[logstash-Impala-26670-2010][av8JOuEoR_iK7ZO0UaltqQ][Impala][inet[/61.x.x.x:9302]]{client=true, data=false},}, reason: zen-disco-node_failed([logstash-Impala-26670-2010][av8JOuEoR_iK7ZO0UaltqQ][Impala][inet[/61.x.x.x:9302]]{client=true, data=false}), reason transport disconnected (with verified connect)

[2014-08-26 10:39:37,899][WARN ][monitor.jvm? ? ? ? ? ? ? ] [Red Shift] [gc][young][71171][54081] duration [3.4s], collections [1]/[4s], total [3.4s]/[26.6m], memory [411.7mb]->[139.5mb]/[989.8mb], all_pools {[young] [272.4mb]->[1.5mb]/[273mb]}{[survivor] [34.1mb]->[29.1mb]/[34.1mb]}{[old] [105.1mb]->[109mb]/[682.6mb]}

Downloading .........................................................................................................................................................................................................................................................DONE

Installed lukas-vlcek/bigdesk into /usr/local/elasticsearch/plugins/bigdesk

Identified as a _site plugin, moving to _site structure ...

wget http://jruby.org.s3.amazonaws.com/downloads/1.7.13/jruby-bin-1.7.13.tar.gz

mv jruby-1.7.13 /usr/local/

cd /usr/local/

ln -s jruby-1.7.13 jruby

wget http://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p547.tar.gz

tar zxvf ruby-1.9.3-p547.tar.gz

cd ruby-1.9.3-p547

./configure --prefix=/usr/local/ruby-1.9.3-p547

make && make install

cd /usr/local

ln -s ruby-1.9.3-p547 ruby