[root@log-monitor ~]# cat /etc/nginx/conf.d/elk.conf upstream elk { ip_hash; server 172.17.0.1:5601 max_fails=3 fail_timeout=30s; server 172.17.0.1:5601 max_fails=3 fail_timeout=30s; } server { listen 80; server_name localhost; server_tokens off; #close slow conn client_body_timeout 5s; client_header_timeout 5s; location / { proxy_pass http://elk/; index index.html index.htm; #auth auth_basic "ELK Private,Don't try GJ!"; auth_basic_user_file /etc/nginx/.htpasswd; } }
文件内容大致解释:
此处省略500字
3.新建一个http基本认证用户,使用的是httpd的一个工具组件,叫httpd-tools,用于生成加密的用户数据库
[root@log-monitor ~]# yum install httpd-tools –y
新建用户:
[root@log-monitor ~]# htpasswd -cm /etc/nginx/.htpasswd elk New password: Re-type new password: Adding password for user elk
重启nginx,并检查状态
[root@log-monitor ~]# systemctl start nginx
[root@log-monitor ~]# systemctl status nginx
● nginx.service- nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: active (running) since Fri2016-09-09 12:02:41 CST; 47s ago
Docs: http://nginx.org/en/docs/
Process: 26422 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Process:26420 ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Main PID:26424 (nginx)
CGroup:/system.slice/nginx.service
├─26424 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
└─26425 nginx: worker process
Sep09 12:02:41 log-monitor systemd[1]: Starting nginx - high performance web server...
Sep09 12:02:41 log-monitor nginx[26420]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Sep09 12:02:41 log-monitor nginx[26420]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Sep09 12:02:41 log-monitor systemd[1]: Started nginx - high performance web server.
Sep09 12:03:13 log-monitor systemd[1]: Started nginx - high performance web server.
Sep09 12:03:26 log-monitor systemd[1]: Started nginx - high performance web server.
检查监听端口:
[root@log-monitor ~]# netstat -ultpn | grep :8888 tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 26424/nginx: master
修改iptables防火墙,插入以下规则,允许外面访问8888端口。由于我们最终是使用8888端口对外提供服务的,所以kibana的5601,以及es的9200、9300端口都不需要对外
[root@log-monitor ~]# iptables -I INPUT -p tcp -m state --state NEW --dport 8888 -j ACCEPT
4.访问一下网站,验证下:
输入我们建立的elk用户,登陆后,可以正常的访问kibana界面即可,如下图:
添加一个索引,这个索引名字就是我们之前在logstash配置文件中导入es中的那个,本文中是logstash-nginx-access-*,如下图:
查看索引,目前自由一个,设置为加星,即是discover默认突出显示的。
然后我们点击Discover,即可看到我们倒入的数据了。如下图: