2018-08-22 00:34:51.952 [INFO ] [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] [com.cjs.handler.MessageHandler][39] - 监听到注册事件消息:

#=========================== Filebeat inputs =============================filebeat.inputs:- type: log  enabled: true  # 要抓取的文件路径   paths:    - /data/logs/oh-coupon/info.log    - /data/logs/oh-coupon/error.log  # 添加额外的字段  fields:    log_source: oh-coupon  fields_under_root: true  # 多行处理  # 不以"yyyy-MM-dd"这种日期开始的行与前一行合并   multiline.pattern: ^\d{4}-\d{1,2}-\d{1,2}  multiline.negate: true  multiline.match: after  # 5秒钟扫描一次以检查文件更新  scan_frequency: 5s  # 如果文件1小时都没有更新，则关闭文件句柄  close_inactive: 1h    # 忽略24小时前的文件  #ignore_older: 24h- type: log  enabled: true  paths:    - /data/logs/oh-promotion/info.log    - /data/logs/oh-promotion/error.log  fields:    log_source: oh-promotion  fields_under_root: true  multiline.pattern: ^\d{4}-\d{1,2}-\d{1,2}  multiline.negate: true  multiline.match: after  scan_frequency: 5s  close_inactive: 1h    ignore_older: 24h#================================ Outputs =====================================#-------------------------- Elasticsearch output ------------------------------#output.elasticsearch:  # Array of hosts to connect to.  # hosts: ["localhost:9200"]  # Optional protocol and basic auth credentials.  #protocol: "https"  #username: "elastic"  #password: "changeme"#----------------------------- Logstash output --------------------------------output.logstash:  # The Logstash hosts  hosts: ["localhost:5044"]  # Optional SSL. By default is off.  # List of root certificates for HTTPS server verifications  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]  # Certificate for SSL client authentication  #ssl.certificate: "/etc/pki/client/cert.pem"  # Client Certificate Key  #ssl.key: "/etc/pki/client/cert.key"

# X-Pack Monitoring# https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.htmlxpack.monitoring.enabled: truexpack.monitoring.elasticsearch.username: "logstash_system"xpack.monitoring.elasticsearch.password: "123456"xpack.monitoring.elasticsearch.url: ["http://localhost:9200"]

input {    beats {        port => "5044"    }}filter {    grok {        match => { "message" => "%{TIMESTAMP_ISO8601:log_date}\s+\[%{LOGLEVEL:log_level}" }    }    date {        match => ["log_date", "yyyy-MM-dd HH:mm:ss.SSS"]        target => "@timestamp"    }}output {        if [log_source] == "oh-coupon" {        elasticsearch {            hosts => [ "localhost:9200" ]            index => "oh-coupon-%{+YYYY.MM.dd}"            user => "logstash_internal"            password => "123456"        }    }    if [log_source] == "oh-promotion" {        elasticsearch {            hosts => [ "localhost:9200" ]            index => "oh-promotion-%{+YYYY.MM.dd}"            user => "logstash_internal"            password => "123456"        }    }}

xpack.security.enabled: true

server.port: 5601server.host: "192.168.101.5"elasticsearch.url: "http://localhost:9200"kibana.index: ".kibana"elasticsearch.username: "kibana"elasticsearch.password: "123456"xpack.security.enabled: truexpack.security.encryptionKey: "4297f44b13955235245b2497399d7a93"

[root@localhost ~]# su - cheng[cheng@localhost ~]$ cd $ES_HOME[cheng@localhost elasticsearch-6.3.2]$ bin/elasticsearch

[cheng@localhost kibana-6.3.2-linux-x86_64]$ bin/kibana

[root@localhost logstash-6.3.2]# bin/logstash -f second-pipeline.conf --config.test_and_exit[root@localhost logstash-6.3.2]# bin/logstash -f second-pipeline.conf --config.reload.automatic

[root@localhost filebeat-6.3.2-linux-x86_64]# rm -f data/registry[root@localhost filebeat-6.3.2-linux-x86_64]# ./filebeat -e -c filebeat.yml -d "publish"