Construction and Optimization of a Log Analysis Platform Based on ELK
(Guangzhou Zhiyuan Electronics Co., Ltd., Guangzhou, Guangdong 510660)

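Abstract: In the era of cloud computing and big data, real-time monitoring of the running state of business services and analysis of their log data are of great importance. Achieving this first requires a centralized log management platform that fits the enterprise's own business scenario. This paper adopts the currently popular open-source centralized logging solution, ELK Stack (Elasticsearch, Logstash, Kibana Stack), and examines the core functions and usage of its three components. On this basis, it builds a log monitoring and processing scheme for real-time monitoring, retrieval and analysis of massive volumes of logs, and studies how to optimize the deployment of this scheme on device nodes with relatively low performance.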


CLC number: TP311.1         Document code: A         Article ID: 2096-4706(2019)15-0193-02

Construction and Optimization of Log Analysis Platform Based on ELK

LI Qin, YANG Cheng

(Guangzhou Zhiyuan Electronics Co., Ltd., Guangzhou 510660, China)

Abstract: In the era of cloud computing and big data, real-time monitoring of the running state of business services and analysis of log data are of great significance. To achieve this goal, it is first necessary to build a centralized log management platform solution in line with the enterprise's own business scenario. This paper uses the currently popular open source centralized logging solution, ELK Stack (Elasticsearch, Logstash, Kibana Stack), and discusses the core functions and usage of its three components. On this basis, it builds a log monitoring and processing scheme for real-time monitoring, retrieval and analysis of massive logs, and also studies how to optimize the deployment of the scheme on low-performance device nodes.

Keywords: log processing; ELK; filebeat


