Skip to content

Instantly share code, notes, and snippets.

@martinliu

martinliu/add-host.sh

Last active July 8, 2020 17:19
Show Gist options
  • Save martinliu/9c3864300cae3ce5854ceb3efb37b283 to your computer and use it in GitHub Desktop.
Save martinliu/9c3864300cae3ce5854ceb3efb37b283 to your computer and use it in GitHub Desktop.
Download ZIP
Install and configure Elastic Beats on a host.
Raw
add-host.sh
#!/bin/bash
# author: Martin Liu
# url:martinliu.cn
elastic_version='7.5.1'
b_rpm='https://mirrors.cloud.tencent.com/elasticstack/7.x/yum'
b_es='192.168.0.12:9200'
b_user='beats-writer'
b_pwd='DevOpsMeetup'
echo "############## Installing a Beats "$elastic_version" agent..."
yum install -y $b_rpm/$elastic_version/filebeat-$elastic_version-x86_64.rpm
systemctl enable filebeat.service
filebeat modules enable system
yum install -y $b_rpm/$elastic_version/metricbeat-$elastic_version-x86_64.rpm
systemctl enable metricbeat.service
yum install -y $b_rpm/$elastic_version/auditbeat-$elastic_version-x86_64.rpm
systemctl enable auditbeat.service
echo "################### Update Beats configuration files ..."
cp -f /root/filebeat-v1.yml /etc/filebeat/filebeat.yml
cp -f /root/metricbeat-v1.yml /etc/metricbeat/metricbeat.yml
echo "################### Setup Keystor for Beats ..."
echo $b_es | sudo filebeat keystore add INT_ES_SRV --stdin --force
echo $b_user | sudo filebeat keystore add BEATS_WRITER_USERNAME --stdin --force
echo $b_pwd | sudo filebeat keystore add BEATS_WRITER_PW --stdin --force
echo $b_es | sudo metricbeat keystore add INT_ES_SRV --stdin --force
echo $b_user | sudo metricbeat keystore add BEATS_WRITER_USERNAME --stdin --force
echo $b_pwd | sudo metricbeat keystore add BEATS_WRITER_PW --stdin --force
echo "################### Start Beats services ..."
sudo systemctl start metricbeat.service
sudo systemctl start filebeat.service
Raw
filebeat.yml
#=========================== Filebeat inputs =============================
filebeat.inputs:
- type: log
enabled: false
paths:
- /var/log/*.log
#============================= Filebeat modules ===============================
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: true
reload.period: 60s
#-------------------------- Elasticsearch output ------------------------------
output.elasticsearch:
hosts: ["${INT_ES_SRV}"]
password: ${BEATS_WRITER_PW}
username: ${BEATS_WRITER_USERNAME}
#================================ Processors =====================================
processors:
- add_host_metadata:
netinfo.enabled: true
cache.ttl: 5m
geo:
name: bj-dc-01
location: 35.5528, 116.2360
continent_name: Asia
country_iso_code: CN
region_name: Beijing
region_iso_code: CN-BJ
city_name: Beijing
- add_cloud_metadata: ~
- add_docker_metadata: ~
- add_kubernetes_metadata: ~
- add_fields:
target: ''
fields:
service.name: 'Joint Lab'
service.id: 'es-qq'
#==================== Best Practice Configuration ==========================
setup.ilm.check_exists: false
logging.level: error
queue.spool: ~
Raw
metricbeat.yml
# =========================== Modules configuration ============================
metricbeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: true
reload.period: 10s
#-------------------------- Elasticsearch output ------------------------------
output.elasticsearch:
hosts: ["${INT_ES_SRV}"]
password: ${BEATS_WRITER_PW}
username: ${BEATS_WRITER_USERNAME}
#================================ Processors =====================================
processors:
- add_host_metadata:
netinfo.enabled: true
cache.ttl: 5m
geo:
name: bj-dc-01
location: 35.5528, 116.2360
continent_name: Asia
country_iso_code: CN
region_name: Beijing
region_iso_code: CN-BJ
city_name: Beijing
- add_cloud_metadata: ~
- add_docker_metadata: ~
- add_kubernetes_metadata: ~
- add_fields:
target: ''
fields:
service.name: 'Joint Lab'
service.id: 'es-qq'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment