{"id":1649,"date":"2022-05-04T21:31:58","date_gmt":"2022-05-04T13:31:58","guid":{"rendered":"https:\/\/www.buyao007.icu\/?p=1649"},"modified":"2022-05-07T22:47:32","modified_gmt":"2022-05-07T14:47:32","slug":"6-kibana%e5%ae%89%e5%85%a8%e8%ae%bf%e9%97%ae%e6%8e%a7%e5%88%b6","status":"publish","type":"post","link":"https:\/\/www.buyao007.icu\/?p=1649","title":{"rendered":"6.Kibana\u5b89\u5168\u8bbf\u95ee\u63a7\u5236"},"content":{"rendered":"\n

\u5b59\u5bcc\u9633\uff0c \u6c5f\u6e56\u4eba\u79f0\u6ca1\u4eba\u79f0\u3002\u591a\u5e74\u4e92\u8054\u7f51\u8fd0\u7ef4\u5de5\u4f5c\u7ecf\u9a8c\uff0c\u66fe\u8d1f\u8d23\u8fc7\u5b59\u5e03\u65af\u5927\u89c4\u6a21\u96c6\u7fa4\u67b6\u6784\u81ea\u52a8\u5316\u8fd0\u7ef4\u7ba1\u7406\u5de5\u4f5c\u3002\u64c5\u957fWeb\u96c6\u7fa4\u67b6\u6784\u4e0e\u81ea\u52a8\u5316\u8fd0\u7ef4\uff0c\u66fe\u8d1f\u8d23\u56fd\u5185\u67d0\u5927\u578b\u535a\u5ba2\u7f51\u7ad9\u8fd0\u7ef4\u5de5\u4f5c\u3002<\/p>\n\n\n\n

1.Kibana\u5b89\u5168\u8bbf\u95ee\u63a7\u5236\u6982\u8ff0<\/h2>\n\n\n\n
\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0ckibana\u53ef\u4ee5\u76f4\u63a5\u901a\u8fc7\u6d4f\u89c8\u5668\u6253\u5f00\u8fdb\u884c\u64cd\u4f5c\uff0c\u8fd9\u6837\u7684\u8bdd\u4efb\u4f55\u4eba\u90fd\u53ef\u4ee5\u901a\u8fc7\u8be5\u65b9\u5f0f\u6253\u5f00\uff0c\u6781\u5176\u7684\u4e0d\u5b89\u5168\u3002\u6211\u4eec\u53ef\u4ee5\u901a\u8fc7\u5982\u4e0b\u4e24\u79cd\u65b9\u5f0f\u6765\u89e3\u51b3\u3002\r\n\u65b9\u5f0f1\uff1anginx+kibana\uff0c\u975e\u5e38\u7b80\u5355\u5b9e\u73b0\u65b9\u5f0f\u3002\r\n\u65b9\u5f0f2\uff1akibana roles\uff0c\u6bd4\u8f83\u63a8\u8350\u65b9\u5f0f\u3002\r<\/code><\/pre>\n\n\n\n
2.nginx+kibana\u5b9e\u73b0\u57fa\u7840\u8bbf\u95ee\u63a7\u5236<\/h2>\n\n\n\n
###\u5b89\u88c5nginx\u548c\u5bc6\u7801\u5de5\u5177\r\n[root@es-node3 ~]# yum -y install nginx\r\n[root@es-node3 ~]# yum -y install httpd-tools\r\n###\u521b\u5efa\u5bc6\u7801\u6587\u4ef6\u5e76\u914d\u7f6enginx\r\n[root@es-node3 ~]# htpasswd  -b -c \/etc\/nginx\/auth_basic.pass sfy 123456\r\n[root@es-node3 ~]# cat \/etc\/nginx\/conf.d\/kibana.conf \r\nserver {\r\n\tlisten 80;\r\n\tserver_name kibana.com;\r\n    \r\n\tlocation \/ {\r\n\t\tproxy_pass http:\/\/10.0.0.150:5601;\r\n\t\tauth_basic on;\r\n                auth_basic_user_file auth_basic.pass;\r\n\t\tinclude proxy_params;\r\n\t}\r\n}\r\n[root@es-node3 ~]# cat \/etc\/nginx\/proxy_params \r\nproxy_set_header Host $http_host;\r\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\r\nproxy_connect_timeout 60;\r\nproxy_read_timeout 60;\r\nproxy_send_timeout 60;\r\nproxy_buffering on;\r\nproxy_buffer_size 8k;\r\nproxy_buffers 4 64k;\r\nproxy_http_version 1.1;\r\n[root@es-node3 ~]# systemctl restart nginx\r<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
3.\u914d\u7f6eTLS\u5b9e\u73b0\u5b89\u5168\u8bbf\u95ee\u63a7\u5236<\/h2>\n\n\n\n
1.\u6982\u8ff0<\/em><\/strong><\/p>\n\n\n\n
\u4ece Elastic Stack6.8\u548c7.1\u5f00\u59cb\uff0c\u5728\u9ed8\u8ba4\u5206\u53d1\u5305\u4e2d\u514d\u8d39\u63d0\u4f9b\u591a\u9879\u5b89\u5168\u529f\u80fd\uff0c\u4f8b\u5982 TLS \u52a0\u5bc6\u901a\u4fe1\u3001\u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236 RBAC \u7b49\u7b49<\/code><\/pre>\n\n\n\n
2.\u914d\u7f6eTLS<\/em><\/strong><\/p>\n\n\n\n
1.\u5728 Elastic \u4e3b\u8282\u70b9\u914d\u7f6e TLS<\/p>\n\n\n\n
[root@node01 ~]# \/usr\/share\/elasticsearch\/bin\/elasticsearch-certutil ca\r\n[root@node01 ~]# \/usr\/share\/elasticsearch\/bin\/elasticsearch-certutil cert --ca elastic-stack-ca.p12\r\n\u4e00\u8def\u56de\u8f66\u5373\u53ef\r<\/code><\/pre>\n\n\n\n
2.\u590d\u5236\u8bc1\u4e66\u5230\u5408\u9002\u7684\u4f4d\u7f6e\u5e76\u590d\u5236\u5230\u96c6\u7fa4\u6240\u6709\u8282\u70b9<\/p>\n\n\n\n
\u6ce8\u610f\uff0c\u5404\u8282\u70b9\u8bc1\u4e66\u9700\u8981\u4e00\u81f4\r\nmkdir \/etc\/elasticsearch\/certs\r\ncp \/usr\/share\/elasticsearch\/*.p12 \/etc\/elasticsearch\/certs\/\r\nchown -R elasticsearch:elasticsearch \/etc\/elasticsearch\/certs\/\r\nscp -r \/etc\/elasticsearch\/certs 10.0.0.151:\/etc\/elasticsearch\/\r\nscp -r \/etc\/elasticsearch\/certs 10.0.0.150:\/etc\/elasticsearch\/\r<\/code><\/pre>\n\n\n\n
3.\u5404\u8282\u70b9\u4fee\u6539\u914d\u7f6e\u6587\u4ef6\u5f00\u542f\u5b89\u5168\u529f\u80fd\u540e\u91cd\u542f\u6240\u6709\u8282\u70b9<\/p>\n\n\n\n
xpack.security.enabled: true #\u5f00\u542f\u5b89\u5168\u529f\u80fd\r\nxpack.security.transport.ssl.enabled: true #\u5f00\u542f\u4f20\u8f93\u7684\u65f6\u5019\u901a\u8fc7ssl\u52a0\u5bc6\u529f\u80fd\r\nxpack.security.transport.ssl.verification_mode: certificate #\u8ba4\u8bc1\u6a21\u5f0f\u662f \u8bc1\u4e66\u8ba4\u8bc1\r\nxpack.security.transport.ssl.keystore.path: certs\/elastic-stack-ca.p12 #\u8bc1\u4e66\u4f4d\u7f6e\r\nxpack.security.transport.ssl.truststore.path: certs\/elastic-stack-ca.p12 #\u8bc1\u4e66\u4f4d\u7f6e\nsystemctl restart elasticsearch\r<\/code><\/pre>\n\n\n\n
4.\u914d\u7f6e\u7528\u6237\u5bc6\u7801\uff0cauto\u4f1a\u4e3a\u4e0d\u540c\u7684\u5185\u90e8\u5806\u6808\u751f\u6210\u968f\u673a\u5bc6\u7801\u3002interactive\u624b\u52a8\u5b9a\u4e49\u5bc6\u7801<\/p>\n\n\n\n
##\u5bc6\u7801\u81f3\u5c116\u4f4d\uff0c\u9ed8\u8ba4\u7528\u6237\u540d\u4e3aelastic\n\/usr\/share\/elasticsearch\/bin\/elasticsearch-setup-passwords auto<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
5.kibana\u914d\u7f6e\u5bc6\u7801\u8ba4\u8bc1<\/p>\n\n\n\n
vim \/etc\/kibana\/kibana.yml\r\nelasticsearch.username: \"kibana_system\"\r\nelasticsearch.password: \"2jDiQNs13NOdMCdr1CCH\"\r\n##\u5bc6\u7801\u4e3a\u4e0a\u4e00\u6b65\u8bbe\u7f6e\u7684\u5bc6\u7801\r\n\u4fee\u6539\u597d\u914d\u7f6e\u540e\u8bb0\u5f97\u91cd\u542f:\r\nsystemctl restart kibana\r\n\u4f7f\u7528\u4e0a\u4e00\u6b65\u521b\u5efa\u7684elastic\u7528\u6237\u767b\u5f55\r<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
3.\u6ce8\u610f\u4e8b\u9879<\/em><\/strong><\/p>\n\n\n\n
1.\u4e00\u5b9a\u8981\u5148\u914d\u7f6e\u8bc1\u4e66\u8ba4\u8bc1\uff0c\u518d\u914d\u7f6e\u5bc6\u7801\uff0c\u4e0d\u7136\u5c31\u4f1a\u62a5\u9519\u3002\r\n2.\u9ed8\u8ba4\u521b\u5efa\u7684\u8bc1\u4e66\u662froot\u53ea\u8bfb\u6743\u9650\uff0c\u9700\u8981\u8bbe\u7f6e\u4e3aelasticsearch\u53ef\u4ee5\u8bfb\u53d6\u7684\u6743\u9650\uff0c\u4e0d\u7136\u542f\u52a8\u62a5\u9519\r\n3.\u521b\u5efa\u8d26\u53f7\u5bc6\u7801\u547d\u4ee4\u53ea\u9700\u8981\u5728master\u8282\u70b9\u914d\u7f6e\u5373\u53ef\r\n4.\u521b\u5efa\u8d26\u53f7\u5bc6\u7801\u547d\u4ee4\u53ea\u80fd\u8fd0\u884c\u4e00\u6b21\uff0c\u518d\u6b21\u8fd0\u884c\u5c31\u4f1a\u62a5\u9519\r\n5.\u521d\u59cb\u5316\u7684\u8d26\u53f7\u5bc6\u7801\u4ec5\u4ec5\u662f\u4f5c\u4e3a\u7ec4\u4ef6\u4e4b\u95f4\u4f20\u8f93\u4fe1\u606f\u4f7f\u7528\uff0c\u5e76\u4e0d\u662f\u7ed9\u7528\u6237\u4f7f\u7528\u7684\u3002\r\n6.\u5982\u679c\u662f\u9700\u8981\u7ed9\u7528\u6237\u5206\u914d\u6743\u9650\uff0c\u9700\u8981\u5728kibana\u91cc\u4ee5elastic\u7528\u6237\u767b\u5f55\uff0c\u7136\u540e\u5728\u521b\u5efa\u65b0\u7528\u6237\u548c\u65b0\u89d2\u8272\u3002\r\n7.\u4e00\u65e6\u5f00\u542f\u4e86tls\u8ba4\u8bc1\uff0c\u90a3\u4e48\u96c6\u7fa4\u91cc\u6240\u6709\u7684\u5305\u62eclogstash\u90fd\u8981\u914d\u7f6e\u7528\u6237\u5bc6\u7801\uff0c\u4ee5\u786e\u4fdd\u6570\u636e\u80fd\u5199\u5230es\r\n\u4ee5\u4e0b\u662f\u4e00\u4e2alogstash\u7684\u914d\u7f6e\u793a\u4f8b\u7528\u6237\u540d\u548c\u5bc6\u7801\u5747\u6765\u81ea\u4e0a\u9762\u7684auto\u521b\u5efa\u7684\r\noutput {\r\n\telasticsearch {\r\n\t\thosts => [\"10.0.0.150:9200\",\"10.0.0.151:9200\",\"10.0.0.152:9200\"]\r\n\t\tuser => \"elastic\"\r\n\t\tpassword => \"iEj4tsQy7iFrdXdJjNY6\"\r\n\t\tindex => \"%{[@metadata][target_index]}\"\r\n\t\ttemplate_overwrite => true\r\n\t}\r\n}\r<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u5b59\u5bcc\u9633\uff0c \u6c5f\u6e56\u4eba\u79f0\u6ca1\u4eba\u79f0\u3002\u591a\u5e74\u4e92\u8054\u7f51\u8fd0\u7ef4\u5de5\u4f5c\u7ecf\u9a8c\uff0c\u66fe\u8d1f\u8d23\u8fc7\u5b59\u5e03\u65af\u5927\u89c4\u6a21\u96c6\u7fa4\u67b6\u6784\u81ea\u52a8\u5316\u8fd0\u7ef4\u7ba1\u7406\u5de5\u4f5c\u3002\u64c5\u957fWeb\u96c6 […]<\/p>\n","protected":false},"author":1,"featured_media":246,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[],"_links":{"self":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts\/1649"}],"collection":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1649"}],"version-history":[{"count":3,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts\/1649\/revisions"}],"predecessor-version":[{"id":1657,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts\/1649\/revisions\/1657"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/media\/246"}],"wp:attachment":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1649"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1649"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1649"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}