splunk存儲
㈠ 鏃ュ織閲囬泦緋葷粺鏈夊摢浜
鏃ュ織閲囬泦緋葷粺鏄涓縐嶇敤浜庤嚜鍔ㄥ寲鏀墮泦銆佸勭悊鍜岃漿鍙戞棩蹇楁暟鎹鐨勫伐鍏鳳紝鍙甯鍔╀紒涓氬拰緇勭粐瀹炵幇瀵瑰叾IT鍩虹璁炬柦鐨勭洃鎺у拰鏁呴殰鎺掗櫎銆備互涓嬫槸涓浜涘父瑙佺殑鏃ュ織閲囬泦緋葷粺錛
1. Logstash錛歀ogstash鏄疎lastic Stack錛堝墠縐頒負ELK Stack錛夌殑涓閮ㄥ垎錛屽畠鏄涓涓寮婧愮殑鏃ュ織閲囬泦銆佸勭悊鍜岃漿鍙戠殑宸ュ叿銆侺ogstash鑳藉熷悓鏃朵粠澶氫釜鏉ユ簮閲囬泦鏁版嵁錛屽疄鏃惰漿鎹㈠拰瑙f瀽鏁版嵁錛岀劧鍚庡皢鏁版嵁鍙戦佸埌浣犳寚瀹氱殑鐩鐨勫湴銆傚畠鎷ユ湁寮哄ぇ鐨勬彃浠剁敓鎬佺郴緇燂紝鍙浠ヨ交鏉炬墿灞曞叾鍔熻兘銆
2. Fluentd錛欶luentd鏄鍙︿竴涓寮婧愮殑鏃ュ織閲囬泦鍣錛屽畠浠ョ粺涓鐨勬柟寮忓勭悊鍚勭嶆暟鎹婧愬拰鏁版嵁杈撳嚭銆侳luentd鐨勬牳蹇冭捐$悊蹇墊槸綆鍗曘佸仴澹鍜屽彲鎵╁睍銆傚畠鏀鎸佸悇縐嶆暟鎹婧愶紙濡傜郴緇熸棩蹇椼乄eb鏈嶅姟鍣ㄦ棩蹇椼佽嚜瀹氫箟搴旂敤紼嬪簭鏃ュ織絳夛級鍜屽悇縐嶆暟鎹杈撳嚭錛堝傛枃浠躲丄mazon S3銆丒lasticsearch絳夛級銆
3. Filebeat錛欶ilebeat鏄疎lastic鍏鍙稿紑鍙戠殑杞婚噺綰ф棩蹇楅噰闆嗗櫒錛岀壒鍒閫傚悎鐢ㄤ簬杞鍙戝拰闆嗕腑鏃ュ織鏁版嵁銆侳ilebeat瀹夎呭湪鏈嶅姟鍣ㄤ笂浣滀負浠g悊鏉ョ洃瑙嗘棩蹇楃洰褰曟垨鐗瑰畾鐨勬棩蹇楁枃浠訛紝鐒跺悗灝嗗畠浠杞鍙戝埌Logstash鎴朎lasticsearch榪涜屽勭悊鍜屽瓨鍌ㄣ
4. Rsyslog錛歊syslog鏄涓涓蹇閫熴佸己澶у拰妯″潡鍖栫殑緋葷粺鏃ュ織瀹堟姢紼嬪簭錛屽箍娉涚敤浜嶭inux緋葷粺銆傞櫎浜嗗熀鏈鐨勭郴緇熸棩蹇楀勭悊鍔熻兘澶栵紝Rsyslog榪樻敮鎸佸悇縐嶈緭鍑烘牸寮忓拰鐩鐨勫湴錛屽寘鎷榪滅▼鏃ュ織鏈嶅姟鍣ㄣ佹暟鎹搴撳拰娑堟伅闃熷垪絳夈
5. Splunk Forwarder錛歋plunk鏄涓涓鍔熻兘寮哄ぇ鐨勬棩蹇楃$悊鍜屽垎鏋愬鉤鍙幫紝Splunk Forwarder鏄鍏朵竴閮ㄥ垎錛岀敤浜庝粠鍚勭嶆潵婧愭敹闆嗘棩蹇楁暟鎹騫跺皢鍏惰漿鍙戝埌Splunk鏈嶅姟鍣ㄨ繘琛屽勭悊鍜屽垎鏋愩
鍦ㄩ夋嫨鏃ュ織閲囬泦緋葷粺鏃訛紝闇瑕佽冭檻澶氫釜鍥犵礌錛屽傛暟鎹婧愮被鍨嬨佹暟鎹杈撳嚭闇奼傘佺郴緇熻祫婧愭秷鑰椼佹槗鐢ㄦу拰紺懼尯鏀鎸佺瓑銆備緥濡傦紝濡傛灉浣犲凡緇忓湪浣跨敤Elasticsearch榪涜屾棩蹇楀瓨鍌ㄥ拰鍒嗘瀽錛岄偅涔圠ogstash鍜孎ilebeat鍙鑳芥槸鏇村ソ鐨勯夋嫨錛屽洜涓哄畠浠涓嶦lasticsearch鏃犵紳闆嗘垚銆傚彟涓鏂歸潰錛屽傛灉浣犻渶瑕佷竴涓杞婚噺綰т笖璧勬簮娑堣楄緝灝戠殑鏃ュ織閲囬泦鍣錛岄偅涔團luentd鎴朢syslog鍙鑳芥洿閫傚悎浣犵殑闇奼傘