Posts Tagged ‘efk’

Modifying elasticsearch index settings

To view the settings of an index, run the following at the command line:

    curl -XGET http://hostname:9200/indexname/_settings

From here you can identify the setting you need and modify it as you wish. This example sets the number of replicas to zero:

    curl -XPUT http://hostname:9200/indexname/_settings -d '{ "index": {"number_of_replicas":"0"}}'

For further details see the manual.

Monitoring fluentd with Nagios

Here are just a few Nagios command strings you can use to monitor fluentd. I’ve thrown in a check for elasticsearch in case you’re monitoring an EFK system.

For checking td-agent. We should have 2 processes, parent and child:

    /usr/local/nagios/libexec/check_procs -w 2:2 -C ruby -a td-agent

For checking vanilla fluentd. Be aware your version name may differ… […]

EFK: Free Alternative to Splunk Using Fluentd

Here is an updated version of the instructions given at Free Alternative to Splunk Using Fluentd. The installation was performed on CentOS 6.5.

1. Install ElasticSearch

    mkdir /opt/src
    cd /opt/src
    wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.2.1.noarch.rpm
    rpm -ivh elasticsearch-1.2.1.noarch.rpm
    /sbin/chkconfig --add elasticsearch
    service elasticsearch start
    # Move default file locations if required
    mkdir /data/elasticsearch
    mkdir /data/elasticsearch/data
    mkdir /data/elasticsearch/tmp
    mkdir /data/elasticsearch/logs

[…]