**前置文章:**[CentOS 7.6 安装 Logstash](https://www.xiaoleizhang.com/index.php/archives/82/ "CentOS 7.6 安装 Logstash") **前置文章:**[CentOS 7.6 安装 Elasticsearch](https://www.xiaoleizhang.com/index.php/archives/91/ "CentOS 7.6 安装 Elasticsearch") **前置文章:**[CentOS 7.6 安装 Kibana](https://www.xiaoleizhang.com/index.php/archives/93/ "CentOS 7.6 安装 Kibana") 环境配置 |服务器| IP地址| | ------------ | ------------ | |Logstash+Nginx服务器|10.60.60.60| |Elasticsearch服务器|10.60.60.9| |Kibana服务器|10.60.60.27| ------------ ------------ # 一、软件版本 Elasticsearch版本:7.16.2 Kibana版本:7.16.2 # 二、配置用户名密码 修改Elasticsearch的配置文件:confige下的elasticsearch.yml ```shell [root@10-60-60-9 ~]# vim /usr/local/elasticsearch/config/elasticsearch.yml ``` 在配置文件的底下,添加如下配置 ```shell xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true ``` 需要重启下Elasticsearch,使修改的配置文件生效,你可以重启进程,或者跟我之前的一样重启下Elasticsearch的Service ```shell systemctl restart elasticsearch.service ``` 在Elasticsearch的bin目录下,执行设置用户名和密码的命令 ```shell /usr/local/elasticsearch/bin/elasticsearch-setup-passwords interactive ``` 这里会设置六个账号的密码:elastic,apm_system,kibana_system,logstash_system,beats_system,remote_monitoring_user。 ```shell [root@10-60-60-9 ~]# /usr/local/elasticsearch/bin/elasticsearch-setup-passwords interactive Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: Reenter password for [elastic]: Enter password for [apm_system]: Reenter password for [apm_system]: Enter password for [kibana_system]: Reenter password for [kibana_system]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Enter password for [remote_monitoring_user]: Reenter password for [remote_monitoring_user]: Changed password for user [apm_system] Changed password for user [kibana_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic] [root@10-60-60-9 ~]# ``` 修改10.60.60.27上的kibana的配置文件 ```shell vim /usr/local/kibana/config/kibana.yml ``` 找到下面两行去掉注释,注意这个用户名和密码要和你刚才设置的elasticsearch的账号密码一致。 ```shell elasticsearch.username: "elastic" elasticsearch.password: "1qaz@WSX" ``` 密码修改好后,需要重启下kibana ```shell systemctl restart kibana.service ``` Elasticsearch修改密码的命令如下: ```shell curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "1qaz@WSX" }' ``` ```shell [root@10-60-60-9 ~]# curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "1qaz@WSX" }' Enter host password for user 'elastic': #这里填写之前elasticsearch设置的密码 {}[root@10-60-60-9 ~]# ``` # 三、测试效果 ## 1、测试访问Elasticsearch 效果如下图所示 ![Elasticsearch访问测试.png](https://www.xiaoleizhang.com/usr/uploads/2022/01/3656677392.png) ## 2、测试访问Kibana 效果如下图所示 ![Kibana访问测试.png](https://www.xiaoleizhang.com/usr/uploads/2022/01/1919551699.png) # 四、注意点 **注意由于Elasticsearch设置了密码,所以之前设置的Logstash也需要更改下配置,增加账号密码验证。不然日志不会过来。如下图所示,发现后序没有日志了** ![Kibana无index.png](https://www.xiaoleizhang.com/usr/uploads/2022/01/834465434.png) 登录Logstash,修改配置文件 ```shell vim /usr/local/logstash/config/syslog.conf ``` 根据如下所示增加配置 ```shell input { syslog { type => "system-syslog" port => 10514 } } output { elasticsearch { hosts => ["10.60.60.9:9200"] user => "elastic" #增加验证elasticsearch设置的账号 password => "1qaz@WSX" #增加验证elasticsearch设置的密码 index => "system-syslog-%{+YYYY.MM}" } } ``` 重启logstash服务 ```shell systemctl status logstash.service ``` 重新查看kibana上的index,发现已经重新产生index了。 ![修改Logstash配置文件后,Kibana继续有index.png](https://www.xiaoleizhang.com/usr/uploads/2022/01/367741801.png) 最后修改:2022 年 01 月 25 日 © 允许规范转载 赞 0 如果觉得我的文章对你有用,请随意赞赏