Packetbeat 仪表板安装

【问题标题】:Packetbeat dashboard installationPacketbeat 仪表板安装
【发布时间】:2018-02-10 14:42:59
【问题描述】:

我正在尝试安装 packetbeat 仪表板,此命令按预期工作。我已经安装了匹配的 Kibana 版本。

docker run docker.elastic.co/beats/packetbeat:5.5.0 ./scripts/import_dashboards  -es http://172.31.73.234:9200

当我尝试安装最新版本的 packetbeat 时,我收到此错误:

docker run docker.elastic.co/beats/packetbeat:6.1.3  ./scripts/import_dashboards  -es http://1.2.3.4:9200
/usr/local/bin/docker-entrypoint: line 13: /usr/share/packetbeat/packetbeat: Operation not permitted

我检查了 packetbeat 和 kibana 使用的是相同的 6.1.3 版本

1) 为什么在 6.1.3 版本而不是 5.5.0 版本中第 13 行失败?

2) 有没有其他方法可以使用docker安装packetbeat?

更新:

换句话说,这适用于 elastic 和 packetbeat 都使用相同版本 5.6.7:

 docker run docker.elastic.co/beats/packetbeat:5.6.7 ./scripts/import_dashboards  -es https://0457e68d58e2479e1e73facc72f6cc56.us-east-1.aws.found.io:9243 -user elastic -pass XXX

但这不适用于弹性版本 6 或 kibana API:

# docker run docker.elastic.co/beats/packetbeat:6.1.3 ./scripts/import_dashboards  -es  https://db301e3a9602f088035cc828312ebdf2.us-east-1.aws.found.io:9243 -user elastic -pass xxx
/usr/local/bin/docker-entrypoint: line 13: /usr/share/packetbeat/packetbeat: Operation not permitted

# docker run docker.elastic.co/beats/packetbeat:5.6.7 ./scripts/import_dashboards  -es  https://db301e3a9602f088035cc828312ebdf2.us-east-1.aws.found.io:9243 -user elastic -pass xxx
Initialize the Elasticsearch 6.1.3 loader
Elasticsearch URL https://db301e3a9602f088035cc828312ebdf2.us-east-1.aws.found.io:9243
For Elasticsearch version >= 6.0.0, the Kibana dashboards need to be imported via the Kibana API.

# docker run docker.elastic.co/beats/packetbeat:6.1.3 ./scripts/import_dashboards  -es  https://c2ddaa70b10cb93643b031042d4f6554.us-east-1.aws.found.io:9243 -user elastic -pass xxx
/usr/local/bin/docker-entrypoint: line 13: /usr/share/packetbeat/packetbeat: Operation not permitted

# docker run docker.elastic.co/beats/packetbeat:5.6.7 ./scripts/import_dashboards  -es  https://c2ddaa70b10cb93643b031042d4f6554.us-east-1.aws.found.io:9243 -user elastic -pass xxx
fail to create the Elasticsearch loader: Error creating Elasticsearch client: Couldn't connect to any of the configured Elasticsearch hosts
Exiting

【问题讨论】:

    标签: packetbeat


    【解决方案1】:

    这与我想要实现的目标很接近。它不是基于 docker,但它可以工作!

    1) 下载packetbeat:

    curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-6.1.3-x86_64.rpm

sudo rpm -vi packetbeat-5.4.1-x86_64.rpm

cd /usr/share/packetbeat/

    2) 配置 packetbeat.yml 文件:

    #-------------------------- Elasticsearch output ------------------------------
output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["611878ce312a4bc30040208f62a9c9341.us-east-1.aws.found.io:9243"]

  # Optional protocol and basic auth credentials.
  protocol: "https"
  username: "elastic"
  password: "xxx"

#============================== Kibana =====================================

setup.kibana:

  host: "https://b0440709b5f76af035e0a5915a763ebf1.us-east-1.aws.found.io:9243"

#============================== Dashboards =====================================
setup.dashboards.enabled: true

    3) 启动packetbeat服务

    /etc/init.d/packetbeat restart

    【讨论】:

      猜你喜欢
      • 2015-08-01
      • 2014-12-12
      • 2020-01-22
      • 2021-12-31
      • 2017-07-15
      • 2021-04-16
      • 1970-01-01
      • 2011-05-31
      • 2021-01-10
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode