kbrnsr · August 29, 2015 14:05
diff --git a/logstash-bootstrap.sh b/logstash-bootstrap.sh
 #!/bin/bash
 # Created Fri Mar 22 2014
 # This is an indirect fork of https://gist.github.com/SeonghoonKim/4378896
 # Most of it was reworked from http://blog.basefarm.com/blog/how-to-install-logstash-with-kibana-interface-on-rhel/
 # This script will download, install and start 
 # the following items on CentOS 6.5:
 # Logstash server 1.4.0
 #
 # This script should be safe to run more than one time.  YMMV
 APP_ROOT="/opt"
 ORIG_WKDIR=$(pwd)

 [ -f "$APP_ROOT" ] || mkdir -p $APP_ROOT

 echo "Stopping any running services..."
 service logstash stop

 MYRANDOM=$RANDOM
 echo "Moving old files to $APP_ROOT/OLD_$MYRANDOM..."
 mkdir $APP_ROOT/OLD_$MYRANDOM
 mv $APP_ROOT/logstash* $APP_ROOT/OLD_$MYRANDOM
 rmdir $APP_ROOT/OLD_$MYRANDOM >/dev/null 2>&1

 echo "Checking and/or getting files..."
 if [ ! -d "$APP_ROOT/sources" ]; then mkdir "$APP_ROOT/sources"; fi
 if [ ! -f "$APP_ROOT/sources/logstash-1.4.2.tar.gz" ]; then
 curl -o "$APP_ROOT/sources/logstash-1.4.2.tar.gz" -L https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz
 fi

 echo "Extracting logstash..."
 cd "$APP_ROOT"
 tar xf sources/logstash-1.4.2.tar.gz
 ln -s "$APP_ROOT/logstash-1.4.2" "$APP_ROOT/logstash"

 mkdir "$APP_ROOT/logstash/conf.d"

 cat << 'EOF' > "$APP_ROOT/logstash/conf.d/logstash.conf"
 input {
 syslog {
 type => syslog
 port => 514
 codec => plain { charset => "ISO-8859-1" }
 }

 #To genereate some logging.  Remove the next section if desired.  Delete from here...
 file {
 type => "syslog"
 path => [ "/var/log/elasticsearch/*.log" ]
 }
 #...to here.
 }


 filter {
 mutate {
 add_field => [ "hostip", "%{host}" ]
 }
 dns {
 reverse => [ "host" ]
 action => "replace"
 }
 }

 output {
 elasticsearch {
 host => "localhost"
 cluster => "elasticsearch"
 }
 }
 EOF

 echo "Creating log directory"
 mkdir /var/log/logstash

 echo "Creating service files"
 cat << 'EOF' > /etc/init.d/logstash
 #!/bin/sh
 ### BEGIN INIT INFO
 # Provides: Logstash 1.4 init.d script
 # Required-Start: $remote_fs $syslog
 # Required-Stop: $remote_fs $syslog
 # Default-Start: 2 3 4 5
 # Default-Stop: 0 1 6
 # Description: Starts the Logstash 1.4
 ### END INIT INFO
 export HOME=/opt/logstash
 case "$1" in
 'start')
 /opt/logstash/bin/logstash -f /opt/logstash/conf.d/*.conf > /var/log/logstash/logstash.log 2>/var/log/logstash/logstash.err & 
 ;;
 'stop')
 /usr/bin/kill -9 `ps auxww |grep logstash |grep *.conf | awk '{print $2}'`
 ;;
 'restart')
 /etc/init.d/logstash stop
 /etc/init.d/logstash start
 ;;
 *)
 echo "Usage: $0 { start | stop |restart }"
 ;;
 esac
 exit 0
 EOF

 chmod +x /etc/init.d/logstash
 chkconfig --add logstash
 chkconfig logstash on
	#!/bin/bash
	# Created Fri Mar 22 2014
	# This is an indirect fork of https://gist.github.com/SeonghoonKim/4378896
	# Most of it was reworked from http://blog.basefarm.com/blog/how-to-install-logstash-with-kibana-interface-on-rhel/
	# This script will download, install and start
	# the following items on CentOS 6.5:
	# Logstash server 1.4.0
	#
	# This script should be safe to run more than one time. YMMV
	APP_ROOT="/opt"
	ORIG_WKDIR=$(pwd)

	[ -f "$APP_ROOT" ] \|\| mkdir -p $APP_ROOT

	echo "Stopping any running services..."
	service logstash stop

	MYRANDOM=$RANDOM
	echo "Moving old files to $APP_ROOT/OLD_$MYRANDOM..."
	mkdir $APP_ROOT/OLD_$MYRANDOM
	mv $APP_ROOT/logstash* $APP_ROOT/OLD_$MYRANDOM
	rmdir $APP_ROOT/OLD_$MYRANDOM >/dev/null 2>&1

	echo "Checking and/or getting files..."
	if [ ! -d "$APP_ROOT/sources" ]; then mkdir "$APP_ROOT/sources"; fi
	if [ ! -f "$APP_ROOT/sources/logstash-1.4.2.tar.gz" ]; then
	curl -o "$APP_ROOT/sources/logstash-1.4.2.tar.gz" -L https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz
	fi

	echo "Extracting logstash..."
	cd "$APP_ROOT"
	tar xf sources/logstash-1.4.2.tar.gz
	ln -s "$APP_ROOT/logstash-1.4.2" "$APP_ROOT/logstash"

	mkdir "$APP_ROOT/logstash/conf.d"

	cat << 'EOF' > "$APP_ROOT/logstash/conf.d/logstash.conf"
	input {
	syslog {
	type => syslog
	port => 514
	codec => plain { charset => "ISO-8859-1" }
	}

	#To genereate some logging. Remove the next section if desired. Delete from here...
	file {
	type => "syslog"
	path => [ "/var/log/elasticsearch/*.log" ]
	}
	#...to here.
	}


	filter {
	mutate {
	add_field => [ "hostip", "%{host}" ]
	}
	dns {
	reverse => [ "host" ]
	action => "replace"
	}
	}

	output {
	elasticsearch {
	host => "localhost"
	cluster => "elasticsearch"
	}
	}
	EOF

	echo "Creating log directory"
	mkdir /var/log/logstash

	echo "Creating service files"
	cat << 'EOF' > /etc/init.d/logstash
	#!/bin/sh
	### BEGIN INIT INFO
	# Provides: Logstash 1.4 init.d script
	# Required-Start: $remote_fs $syslog
	# Required-Stop: $remote_fs $syslog
	# Default-Start: 2 3 4 5
	# Default-Stop: 0 1 6
	# Description: Starts the Logstash 1.4
	### END INIT INFO
	export HOME=/opt/logstash
	case "$1" in
	'start')
	/opt/logstash/bin/logstash -f /opt/logstash/conf.d/*.conf > /var/log/logstash/logstash.log 2>/var/log/logstash/logstash.err &
	;;
	'stop')
	/usr/bin/kill -9 `ps auxww \|grep logstash \|grep *.conf \| awk '{print $2}'`
	;;
	'restart')
	/etc/init.d/logstash stop
	/etc/init.d/logstash start
	;;
	*)
	echo "Usage: $0 { start \| stop \|restart }"
	;;
	esac
	exit 0
	EOF

	chmod +x /etc/init.d/logstash
	chkconfig --add logstash
	chkconfig logstash on