test : - ###创建用户时没有添加-r参数,所以没有用户角色
3、 测试用户登录 # curl :9200/_xpack/ --user admin:kbsonlong{"build":{"hash":"7763f8e","date":"2016-10-26T04:51:59.202Z"},"license":{"uid":"06a82587-66ac-4d4a-90c4-857d9ca7f3bc","type":"trial","mode":"trial","status":"active","expiry_date_in_millis":1483753731066},"features":{"graph":{"description":"Graph Data Exploration for the Elastic Stack","available":true,"enabled":true},"monitoring":{"description":"Monitoring for the Elastic Stack","available":true,"enabled":true},"security":{"description":"Security for the Elastic Stack","available":true,"enabled":true},"watcher":{"description":"Alerting, Notification and Automation for the Elastic Stack","available":true,"enabled":true}},"tagline":"You know, for X"} 4、 删除用户 # /data/PRG/elasticsearch/bin/x-pack/users userdel test # /data/PRG/elasticsearch/bin/x-pack/users list admin : superuser 十、 安装filebeat # cd /data/PRG # tar zxvf / data/elk5.0/filebeat-5.0.0-linux-x86_64.tar.gz # mv filebeat-5.0.0-linux-x86_64 filebeat配置启动脚本
# vim /etc/init.d/filebeat
#!/bin/bash # # filebeat filebeat shipper # # chkconfig: 2345 98 02# ### BEGIN INIT INFO # Provides: filebeat # Required-Start: $local_fs $network $syslog # Required-Stop: $local_fs $network $syslog # Default-Start: 2 3 4 5# Default-Stop: 0 1 6# Short-Description: Sends log files to Logstash or directly to Elasticsearch. # Description: filebeat is a shipper part of the Elastic Beats # family. Please see: https://www.elastic.co/products/beats### END INIT INFO PATH=/usr/bin:/sbin:/bin:/usr/sbin export PATH [ -f /etc/sysconfig/filebeat ] && . /etc/sysconfig/filebeat pidfile=${PIDFILE-/data/PRG/filebeat/filebeat.pid} agent=${PB_AGENT-/data/PRG/filebeat/filebeat} args="-c /data/PRG/filebeat/filebeat.yml"test_args="-e -configtest"wrapper="filebeat-god"wrapperopts="-r / -n -p $pidfile"RETVAL=0# Source function library. . /etc/rc.d/init.d/functions # Determine if we can use the -p option to daemon, killproc, and status. # RHEL < 5 can't.if status | grep -q -- '-p' 2>/dev/null; thendaemonopts="--pidfile $pidfile"pidopts="-p $pidfile"fitest() { $agent $args $test_args } start() {echo -n $"Starting filebeat: "testif [ $? -ne 0 ]; thenechoexit 1fidaemon $daemonopts $wrapper $wrapperopts -- $agent $args RETVAL=$?echoreturn $RETVAL } stop() {echo -n $"Stopping filebeat: "killproc $pidopts $wrapper RETVAL=$?echo[ $RETVAL = 0 ] && rm -f ${pidfile} } restart() { testif [ $? -ne 0 ]; thenreturn 1fistop start } rh_status() { status $pidopts $wrapper RETVAL=$?return $RETVAL } rh_status_q() { rh_status >/dev/null 2>&1}case "$1" instart) start ;; stop) stop ;; restart) restart ;; condrestart|try-restart) rh_status_q || exit 0restart ;; status) rh_status ;;*)echo $"Usage: $0 {start|stop|status|restart|condrestart}"exit 1esacexit $RETVAL