新手尝试搭建ELK，kibana查询无结果

Kibana | 作者 yunlong_yuan | 发布于2016年04月05日 | 阅读数：9561

分享到：QQ空间新浪微博微信 QQ好友印象笔记有道云笔记

本人新手一枚，尝试搭建ELK环境，并取回tomcat日志，然后创建索引后无结果返回，求指教.

创建logstash配置文件,tomcat.conf,内容如下[list][*]input{ file { path => "/var/opt/esl/webservices/esl_webservice_1.log" start_position => "beginning" } } output{ stdout { codec => json } elasticsearch { hosts => "16.187.106.154" index => "tomcat-%{+YYYY.MM.dd}" } }

[/*]
[*]kibana正常启动

[/*]
[*]kibana中创建名为tomcat-*的索引后查询无数据

[/*]
[/list]

7 个回复

stab - freshman

es里有数据么?

yunlong_yuan

@stab - freshman,感谢你的回复，我是个新手不太明白怎么查看是否有数据，我试了下用这个地址去访问
*[/url]
然后得到了下面的东西

{"tomcat-2016.04.05":{"aliases":{},"mappings":{"logs":{"properties":{"@timestamp":{"type":"date","format":"strict_date_optional_time||epoch_millis"},"@version":{"type":"string"},"host":{"type":"string"},"message":{"type":"string"},"path":{"type":"string"}}}},"settings":{"index":{"creation_date":"1459882488843","number_of_shards":"5","number_of_replicas":"1","uuid":"T9nzAvwWSHOYmppBcRoMmg","version":{"created":"2020199"}}},"warmers":{}}}

这样是表示没有数据吗？

junjielee - Pythonor in Guangzhou

默认的时间比较短，修改下查看今天的？

或者你可以用 elasticsearch的 rest api查看数据，如果有数据，但是kibana对应日期的没有显示，可能就是配置问题了

yunlong_yuan

@junjielee,谢谢你的回复，我去google了下es的查询相关的只是，用了这个方式得到了如下结果，我看这结果感觉很奇怪，是我的日志格式不满足es的格式要求吗,求指教.

使用*/logs/_searchpretty=true[/url]地址获取如下信息
{ "took" : 33, "timed_out" : false, "_shards" : { "total" : 10, "successful" : 10, "failed" : 0 }, "hits" : { "total" : 5697, "max_score" : 1.0, "hits" : [ { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTtc", "_score" : 1.0, "_source" : { "message" : "2016-04-05 14:51:29,770DEBUG [localhost-startStop-1][org.apache.cxf.configuration.spring.ConfigurerImpl] - Could not find a definition for bean with id {http://Hp.Cis.External.Service.StreamReceive}CIAssetPort.endpoint - no injection will be performed.", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.194Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTtf", "_score" : 1.0, "_source" : { "message" : "2016-04-05 14:51:29,771DEBUG [localhost-startStop-1][org.apache.cxf.endpoint.ServerImpl] - register the server to serverRegistry ", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.208Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTth", "_score" : 1.0, "_source" : { "message" : "2016-04-05 14:51:29,794DEBUG [localhost-startStop-1][org.apache.cxf.configuration.spring.ConfigurerImpl] - Could not find a definition for bean with id org.apache.cxf.jaxws.JaxWsServerFactoryBean - no injection will be performed.", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.209Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTtm", "_score" : 1.0, "_source" : { "message" : " [Lcom.hp.esl.common.pojo.MessageInfo;", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.210Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTtp", "_score" : 1.0, "_source" : { "message" : " byte", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.211Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTts", "_score" : 1.0, "_source" : { "message" : " com.hp.esl.common.pojo.InstanceInfo", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.213Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTtt", "_score" : 1.0, "_source" : { "message" : " com.hp.esl.common.pojo.MessageInfo", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.213Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTtx", "_score" : 1.0, "_source" : { "message" : " com.sun.xml.bind.api.CompositeStructure", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.232Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTt6", "_score" : 1.0, "_source" : { "message" : " java.lang.Class", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.236Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } }, { "_index" : "tomcat-2016.04.05", "_type" : "logs", "_id" : "AVPnxvsFd9VyPBhrGTt_", "_score" : 1.0, "_source" : { "message" : " java.lang.Object", "@version" : "1", "@timestamp" : "2016-04-05T18:54:50.237Z", "path" : "/var/opt/esl/webservices/esl_webservice_1.log", "host" : "localhost.asiapacific.hpqcorp.net" } } ] } }
tomcat日志内容，一小段[list][*]

[/*]
[/list]

guoyiqin

直接*查询是查不出来的你试试*:*

coolloves - search...

kibana取值好像都要时间戳,你先看看索引里面有数据吗?

curl localhost:9200/indexname/_search?size=10&from=0&pretty

yunlong_yuan

感谢楼上两位的回答，我尝试用*:*还是没有效果。尝试查询索引有数据,截图如下

要回复问题请先登录或注册

新手尝试搭建ELK，kibana查询无结果

7 个回复

发起人

活动推荐

相关问题

问题状态

新手尝试搭建ELK，kibana查询无结果

与内容相关的链接

7 个回复

发起人

活动推荐

相关问题

问题状态