J’ai fait un test de Digikam : https://www.digikam.org .
Quand la bibliothèque est grosse, le logiciel devient inutilisable …
Je vais attendre la version optimisé, mais c’est très prometteur.
( C’est instable … sniff )
Installation de Munin Server sur MacOS.
Le lien : https://www.macports.org/install.php pour le téléchargement : macOS High Sierra v10.13
Installation
# sudo port install munin +server
Password:
Warning: xcodebuild exists but failed to execute
Warning: Xcode does not appear to be installed; most ports will likely fail to build.
---> Computing dependencies for munin
The following dependencies will be installed:
...
Continue? [Y/n]: Y
...
---> Extracting munin
---> Applying patches to munin
---> Configuring munin
---> Building munin
---> Staging munin into destroot
###########################################################
# A startup item has been generated that will cause the
# Munin server to fetch data from all nodes every 5 mins.
# It is disabled by default, please execute the following
# command to enable:
#
# sudo launchctl load -w /Library/LaunchDaemons/org.macports.munin-cron.plist
###########################################################
---> Creating launchd control script 'munin-node'
---> Installing munin @1.4.7_6+server
---> Activating munin @1.4.7_6+server
---> Cleaning munin
---> Updating database of binaries
---> Updating database of C++ stdlib usage
---> Scanning binaries for linking errors
---> No broken files found.
---> No broken ports found.
---> Some of the ports you installed have notes:
libidn has the following notes:
Please be aware that GNU libidn2 is the successor of GNU libidn. It comes
with IDNA 2008
and TR46 implementations and also provides a compatibility layer for GNU
libidn.
munin has the following notes:
To detect supported Munin plugins please use the following command:
sudo -u munin munin-node-configure --suggest --shell | sudo sh
A startup item has been generated that will aid in starting munin with
launchd. It is disabled by default. Execute the following command to start
it, and to cause it to launch at startup:
sudo port load munin
python27 has the following notes:
To make this the default Python or Python 2 (i.e., the version run by the
'python' or 'python2' commands), run one or both of:
sudo port select --set python python27
sudo port select --set python2 python27
# sudo port install munin
---> Fetching distfiles for munin
---> Verifying checksums for munin
---> Extracting munin
---> Applying patches to munin
---> Configuring munin
---> Building munin
---> Staging munin into destroot
---> Creating launchd control script 'munin-node'
---> Installing munin @1.4.7_6
---> Unloading startupitem 'munin-node' for munin
---> Deactivating munin @1.4.7_6+server
---> Cleaning munin
---> Activating munin @1.4.7_6
---> Cleaning munin
---> Scanning binaries for linking errors
---> No broken files found.
---> No broken ports found.
---> Some of the ports you installed have notes:
munin has the following notes:
To detect supported Munin plugins please use the following command:
sudo -u munin munin-node-configure --suggest --shell | sudo sh
A startup item has been generated that will aid in starting munin with launchd. It is disabled by default. Execute the following command to start
it, and to cause it to launch at startup:
sudo port load munin
# sudo -u munin munin-node-configure --suggest --shell
# The following plugins caused errors:
# apache_processes:
# Non-zero exit during autoconf (255)
# if_:
# Timed out during suggest
# No valid suggestions
# if_err_:
# Timed out during suggest
# No valid suggestions
# mysql_:
# Non-zero exit during autoconf (2)
# slony_lag_:
# Non-zero exit during autoconf (2)
# varnish_:
# Non-zero exit during autoconf (255)
Je supprime le –shell :
$ sudo -u munin munin-node-configure --suggest Plugin | Used | Suggestions ------ | ---- | ----------- amavis | no | no apache_accesses | no | no [LWP::UserAgent not found] apache_processes | no | no apache_volume | no | no [LWP::UserAgent not found] apc_envunit_ | no | no [no units to monitor] courier_mta_mailqueue | no | no [spooldir not found] courier_mta_mailstats | no | no [could not find executable] courier_mta_mailvolume | no | no [could not find executable] cupsys_pages | no | no [logfile not found] df | yes | yes df_inode | yes | yes exim_mailqueue | no | no [no exiqgrep] exim_mailstats | no | no ['/usr/sbin/exim -bP log_file_path' returned an error] fail2ban | no | no [/usr/bin/fail2ban-client not found] hddtemp_smartctl | no | no [smartctl not found] http_loadtime | no | no [need time and wget programs] if_ | no | yes if_err_ | no | yes jmx_ | no | no [connection to 127.0.0.1:5400 failed] load | yes | yes lpstat | yes | yes munin_stats | yes | no [munin-update was not found at /opt/local/lib/munin/munin-update] mysql_ | no | no netstat | yes | yes nginx_request | no | no [LWP::UserAgent not found] nginx_status | no | no [LWP::UserAgent not found] ntp_kernel_err | no | no ntp_kernel_pll_freq | no | no ntp_kernel_pll_off | no | no ntp_offset | yes | yes nvidia_ | no | no [no nvclock executable at /usr/bin/nvclock, please configure] postfix_mailqueue | yes | yes postfix_mailvolume | no | no [logfile '/var/log/syslog' not found] postgres_bgwriter | no | no [DBD::Pg not found, and cannot do psql yet] postgres_cache_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_checkpoints | no | no [DBD::Pg not found, and cannot do psql yet] postgres_connections_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_connections_db | no | no [DBD::Pg not found, and cannot do psql yet] postgres_locks_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_querylength_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_scans_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_size_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_transactions_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_tuples_ | no | no [DBD::Pg not found, and cannot do psql yet] postgres_users | no | no [DBD::Pg not found, and cannot do psql yet] postgres_xlog | no | no [DBD::Pg not found, and cannot do psql yet] processes | yes | yes ps_ | no | no qmailqstat | no | no sendmail_mailqueue | no | no sendmail_mailstats | no | no [no mailstats command] sendmail_mailtraffic | no | no [no mailstats command] slapd_ | no | no [Net::LDAP not found] slapd_bdb_cache_ | no | no [Can't execute db_stat file '/usr/bin/db4.6_stat'] slony_lag_ | no | no smart_ | no | no [smartmontools not found] snort_alerts | no | no [/var/snort/snort.stats not readable] snort_bytes_pkt | no | no [/var/snort/snort.stats not readable] snort_drop_rate | no | no [/var/snort/snort.stats not readable] snort_pattern_match | no | no [/var/snort/snort.stats not readable] snort_pkts | no | no [/var/snort/snort.stats not readable] snort_traffic | no | no [/var/snort/snort.stats not readable] squeezebox_ | no | no [no connection on localhost port 9090] squid_cache | no | no [could not connect: Connection refused] squid_objectsize | no | no [could not connect: Connection refused] squid_requests | no | no [could not connect: Connection refused] squid_traffic | no | no [could not connect: Connection refused] tomcat_ | no | no users | yes | yes varnish_ | no | no vmstat | no | no [could not run "vmstat"] zimbra_ | no | no [No Text::CSV_XS] # The following plugins caused errors: # apache_processes: # Non-zero exit during autoconf (255) # if_: # Timed out during suggest # No valid suggestions # if_err_: # Timed out during suggest # No valid suggestions # mysql_: # Non-zero exit during autoconf (2) # slony_lag_: # Non-zero exit during autoconf (2) # varnish_: # Non-zero exit during autoconf (255) # sudo port install munin Warning: xcodebuild exists but failed to execute Warning: Xcode does not appear to be installed; most ports will likely fail to build. ---> Computing dependencies for munin ---> Cleaning munin ---> Scanning binaries for linking errors ---> No broken files found.
A noter l’avertissement suivant :
Il faut donc comprendre l’erreur avec Apache qui empêche de faire la configuration, c’est surement que je n’ai pas autoconf :
# brew install autoconf automake libtool ... ==> Caveats In order to prevent conflicts with Apple's own libtool we have prepended a "g" so, you have instead: glibtool and glibtoolize. ==> Summary ? /usr/local/Cellar/libtool/2.4.6_1: 71 files, 3.7MB ==> Caveats ==> autoconf Emacs Lisp files have been installed to: /usr/local/share/emacs/site-lisp/autoconf ==> libtool In order to prevent conflicts with Apple's own libtool we have prepended a "g" so, you have instead: glibtool and glibtoolize. # brew install rrdtool Updating Homebrew... ==> Auto-updated Homebrew! Updated 1 tap (homebrew/core). ==> Updated Formulae cromwell fn glide kubernetes-helm llnode nifi-registry pre-commit ==> Installing dependencies for rrdtool: gettext, libffi, pcre, glib, libpng, freetype, fontconfig, pixman, cairo, fribidi, graphite2, icu4c, harfbuzz, pango ... ? /usr/local/Cellar/rrdtool/1.7.0_1: 155 files, 3MB ==> Caveats ==> gettext gettext is keg-only, which means it was not symlinked into /usr/local, because macOS provides the BSD gettext library & some software gets confused if both are in the library path. If you need to have gettext first in your PATH run: echo 'export PATH="/usr/local/opt/gettext/bin:$PATH"' >> ~/.bash_profile For compilers to find gettext you may need to set: export LDFLAGS="-L/usr/local/opt/gettext/lib" export CPPFLAGS="-I/usr/local/opt/gettext/include" ==> libffi libffi is keg-only, which means it was not symlinked into /usr/local, because some formulae require a newer version of libffi. For compilers to find libffi you may need to set: export LDFLAGS="-L/usr/local/opt/libffi/lib" For pkg-config to find libffi you may need to set: export PKG_CONFIG_PATH="/usr/local/opt/libffi/lib/pkgconfig" ==> icu4c icu4c is keg-only, which means it was not symlinked into /usr/local, because macOS provides libicucore.dylib (but nothing else). If you need to have icu4c first in your PATH run: echo 'export PATH="/usr/local/opt/icu4c/bin:$PATH"' >> ~/.bash_profile echo 'export PATH="/usr/local/opt/icu4c/sbin:$PATH"' >> ~/.bash_profile For compilers to find icu4c you may need to set: export LDFLAGS="-L/usr/local/opt/icu4c/lib" export CPPFLAGS="-I/usr/local/opt/icu4c/include" For pkg-config to find icu4c you may need to set: export PKG_CONFIG_PATH="/usr/local/opt/icu4c/lib/pkgconfig" $ sudo -u munin munin-node-configure --suggest --shell # The following plugins caused errors: # apache_processes: # Non-zero exit during autoconf (255) # if_: # Timed out during suggest # No valid suggestions # if_err_: # Timed out during suggest # No valid suggestions # mysql_: # Non-zero exit during autoconf (2) # slony_lag_: # Non-zero exit during autoconf (2) # varnish_: # Non-zero exit during autoconf (255)
Si je regarde la liste des plugins :
$ ls -l /opt/local/etc/munin/plugins/* lrwxr-xr-x 1 root admin 31 26 sep 17:19 /opt/local/etc/munin/plugins/df -> /opt/local/lib/munin/plugins/df lrwxr-xr-x 1 root admin 37 26 sep 17:19 /opt/local/etc/munin/plugins/df_inode -> /opt/local/lib/munin/plugins/df_inode lrwxr-xr-x 1 root admin 33 26 sep 17:19 /opt/local/etc/munin/plugins/load -> /opt/local/lib/munin/plugins/load lrwxr-xr-x 1 root admin 35 26 sep 17:19 /opt/local/etc/munin/plugins/lpstat -> /opt/local/lib/munin/plugins/lpstat lrwxr-xr-x 1 root admin 40 26 sep 17:19 /opt/local/etc/munin/plugins/munin_stats -> /opt/local/lib/munin/plugins/munin_stats lrwxr-xr-x 1 root admin 36 26 sep 17:19 /opt/local/etc/munin/plugins/netstat -> /opt/local/lib/munin/plugins/netstat lrwxr-xr-x 1 root admin 39 26 sep 17:19 /opt/local/etc/munin/plugins/ntp_offset -> /opt/local/lib/munin/plugins/ntp_offset lrwxr-xr-x 1 root admin 46 26 sep 17:19 /opt/local/etc/munin/plugins/postfix_mailqueue -> /opt/local/lib/munin/plugins/postfix_mailqueue lrwxr-xr-x 1 root admin 38 26 sep 17:19 /opt/local/etc/munin/plugins/processes -> /opt/local/lib/munin/plugins/processes lrwxr-xr-x 1 root admin 34 26 sep 17:19 /opt/local/etc/munin/plugins/users -> /opt/local/lib/munin/plugins/users
Je supprime lpstat & ntp_offset:
$ sudo /opt/local/etc/munin/plugins/lpstat Password: lpstat: No destinations added. lpstat: No destinations added. $ sudo rm /opt/local/etc/munin/plugins/lpstat $ sudo /opt/local/etc/munin/plugins/ntp_offset ntpq: read: Connection refused delay.value U offset.value U jitter.value U $ sudo rm /opt/local/etc/munin/plugins/ntp_offset
Ensuite il faut lancer Apache :
# sudo apachectl -k restart
Il suffit de faire le test suivant : http://127.0.0.1/ .
Attention sur mon installation j’ai déjà JAVA, XCODE, APACHE .
$ java -version java version "1.8.0_181" Java(TM) SE Runtime Environment (build 1.8.0_181-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode) $ xcode-select -version xcode-select version 2349. $ apachectl -version Server version: Apache/2.4.33 (Unix) Server built: Apr 3 2018 23:45:11
Pour information les fichiers de configuration sont :
Les donnes sont dans :
Le WWW pour afficher les données sont dans :
Les fichiers de logs :
Les binaires (en perl) :
Ensuite il faut donc modifier le fichier de configuration : /etc/apache2/httpd.conf
….
On fait un test manuel sur Munin :
$ telnet 127.0.0.1 4949 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. # munin node at XXXXXX.local list df df_inode load munin_stats netstat postfix_mailqueue processes users fetch netstat resets.value 0 failed.value 0 .
Pour faire un test en temps que root (déconseillé) :
$ sudo mkdir /plugins/ $ sudo ln -s /opt/local/lib/munin/plugins/plugin.sh /plugins/plugin.sh $ sudo /opt/local/etc/munin/plugins/load load.value 1,59
Sinon on a l’erreur :
$ /opt/local/etc/munin/plugins/df /opt/local/etc/munin/plugins/df: line 24: /plugins/plugin.sh: No such file or directory
La méthode plus propre est la suivante :
$ sudo /opt/local/sbin/munin-run df autoconf --debug # Setting up environment # About to run '/opt/local/etc/munin/plugins/df autoconf' yes $ sudo /opt/local/sbin/munin-run df config --debug # Setting up environment # About to run '/opt/local/etc/munin/plugins/df config' graph_title Filesystem usage (in %) graph_args --upper-limit 100 -l 0 graph_vlabel % graph_scale no _dev_disk1s1.label / _dev_disk1s4.label /private/var/vm $ sudo /opt/local/sbin/munin-run df --debug # Setting up environment # About to run '/opt/local/etc/munin/plugins/df' _dev_disk1s1.value 92 _dev_disk1s4.value 6
A noter que pour l’instant ce n’est pas stable !!! J’ai du ma à comprendre.
Mes fichiers :
$ sudo cat /Library/LaunchDaemons/org.macports.munin-node.plist
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd" >
<plist version='1.0'>
<dict>
<key>Label</key><string>org.macports.munin-node</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/bin/daemondo</string>
<string>--label=munin-node</string>
<string>--start-cmd</string>
<string>/opt/local/etc/LaunchDaemons/org.macports.munin-node/munin-node.wrapper</string>
<string>start</string>
<string>;</string>
<string>--stop-cmd</string>
<string>/opt/local/etc/LaunchDaemons/org.macports.munin-node/munin-node.wrapper</string>
<string>stop</string>
<string>;</string>
<string>--restart-cmd</string>
<string>/opt/local/etc/LaunchDaemons/org.macports.munin-node/munin-node.wrapper</string>
<string>restart</string>
<string>;</string>
<string>--pid=none</string>
</array>
<key>Disabled</key><true/>
<key>KeepAlive</key><true/>
</dict>
</plist>
$ sudo cat /Library/LaunchDaemons/org.macports.munin-cron.plist
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd" >
<plist version='1.0'>
<dict>
<key>Label</key>
<string>org.macports.munin-cron</string>
<key>UserName</key>
<string>munin</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/sbin/munin-run</string>
</array>
<key>LowPriorityIO</key>
<true/>
<key>Nice</key>
<integer>1</integer>
<key>StartInterval</key>
<integer>300</integer>
</dict>
</plist>
Voici le mac, en version 10.13.16 :
A noter qu’il y a 16 Go de RAM, avec ELK c’est minimum 6 Go …. donc si on a 8 Go, je pense que c’est pas la peine. Ensuite on peut toujours faire toujours via un Raspberry avec des configuration minimale, mais j’observe que quand il a moins de 6 Go il fonctionne nettement moins bien.
#/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
==> This script will install:
/usr/local/bin/brew
/usr/local/share/doc/homebrew
/usr/local/share/man/man1/brew.1
/usr/local/share/zsh/site-functions/_brew
/usr/local/etc/bash_completion.d/brew
/usr/local/Homebrew
==> The following new directories will be created:
/usr/local/Caskroom
Press RETURN to continue or any other key to abort
....
==> Downloading and installing Homebrew...
remote: Enumerating objects: 3965, done.
remote: Counting objects: 100% (3965/3965), done.
remote: Compressing objects: 100% (23/23), done.
remote: Total 13167 (delta 3945), reused 3960 (delta 3942), pack-reused 9202
Receiving objects: 100% (13167/13167), 2.93 MiB | 910.00 KiB/s, done.
Resolving deltas: 100% (10207/10207), completed with 870 local objects.
From https://github.com/Homebrew/brew
....
==> Renamed Formulae
cdiff -> ydiff geth -> ethereum php56 -> php@5.6 php71 -> php@7.1 saltstack -> salt
crystal-lang -> crystal latexila -> gnome-latex php70 -> php@7.0 rebar@3 -> rebar3 wpcli-completion -> wp-cli-completion
==> Deleted Formulae
arm boot2docker ghc@8.0 i3status mal4s nazghul submarine
artifactory-cli-go boot2docker-completion gnupg@2.0 llvm@3.7 mediatomb node@4 ufoai
aws-cloudsearch dirmngr gpg-agent llvm@3.8 mimetic picolisp voltdb
bokken ecj i3 luciddb monotone python3 wry
==> Installation successful!
==> Homebrew has enabled anonymous aggregate formulae and cask analytics.
Read the analytics documentation (and how to opt-out) here:
https://docs.brew.sh/Analytics.html
==> Homebrew is run entirely by unpaid volunteers. Please consider donating:
https://github.com/Homebrew/brew#donations
==> Next steps:
- Run `brew help` to get started
- Further documentation:
https://docs.brew.sh
#brew update
Already up-to-date.
En résumé deux alertes de sécurité qu’il faut permettre :
Normalement on tape la commande :
# java -version No Java runtime present, requesting install.
Si on n’a pas java, la fenêtre suivante s’ouvre :
Il faut suivre le lien suivant pour faire l’installation : https://support.apple.com/kb/dl1572?locale=fr_FR ou alors https://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html ( jdk-8u181-macosx-x64.dmg )
Les commandes :
# brew install elasticsearch && brew info elasticsearch ==> Downloading https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.4.1.tar.gz ... ==> Summary ? /usr/local/Cellar/elasticsearch/6.4.1: 118 files, 36MB, built in 55 seconds elasticsearch: stable 6.4.1, HEAD Distributed search & analytics engine https://www.elastic.co/products/elasticsearch /usr/local/Cellar/elasticsearch/6.4.1 (118 files, 36MB) * Built from source on 2018-09-26 at 09:37:48 From: https://github.com/Homebrew/homebrew-core/blob/master/Formula/elasticsearch.rb ==> Requirements Required: java = 1.8 ✔ ==> Options --HEAD Install HEAD version ... ==> Analytics install: 8,330 (30d), 30,977 (90d), 152,516 (365d) install_on_request: 7,623 (30d), 26,652 (90d), 117,574 (365d) build_error: 10 (30d)
Démarrage de Elasticsearch :
# brew services start elasticsearch ==> Tapping homebrew/services Cloning into '/usr/local/Homebrew/Library/Taps/homebrew/homebrew-services'... remote: Enumerating objects: 14, done. remote: Counting objects: 100% (14/14), done. remote: Compressing objects: 100% (10/10), done. remote: Total 14 (delta 0), reused 8 (delta 0), pack-reused 0 Unpacking objects: 100% (14/14), done. Tapped 1 command (44 files, 58.9KB). ==> Successfully started `elasticsearch` (label: homebrew.mxcl.elasticsearch)
On peut faire un premier test : http://localhost:9200
ETAPE 4 : Installation de LogstashLancement de l’installation :
# brew install logstash ==> Downloading https://artifacts.elastic.co/downloads/logstash/logstash-oss-6.4.1.tar.gz ######################################################################## 100.0% ==> Caveats Please read the getting started guide located at: https://www.elastic.co/guide/en/logstash/current/getting-started-with-logstash.html To have launchd start logstash now and restart at login: brew services start logstash Or, if you don't want/need a background service you can just run: logstash ==> Summary ? /usr/local/Cellar/logstash/6.4.1: 12,009 files, 247.1MB, built in 4 minutes 12 seconds
Lancement du service :
# brew services start logstash ==> Successfully started `logstash` (label: homebrew.mxcl.logstash
Installation :
# brew install kibana ==> Downloading https://homebrew.bintray.com/bottles/kibana-6.4.1.high_sierra.bottle.tar.gz ... ==> Pouring kibana-6.4.1.high_sierra.bottle.tar.gz ==> Caveats Config: /usr/local/etc/kibana/ If you wish to preserve your plugins upon upgrade, make a copy of /usr/local/opt/kibana/plugins before upgrading, and copy it into the new keg location after upgrading. To have launchd start kibana now and restart at login: brew services start kibana Or, if you don't want/need a background service you can just run: kibana ==> Summary ? /usr/local/Cellar/kibana/6.4.1: 47,176 files, 256.3MB
Lancement :
# brew services start kibana ==> Successfully started `kibana` (label: homebrew.mxcl.kibana)
Vérification des services :
# brew services list Name Status User Plist elasticsearch started .... /Users/..../Library/LaunchAgents/homebrew.mxcl.elasticsearch.plist kibana started .... /Users/..../Library/LaunchAgents/homebrew.mxcl.kibana.plist logstash started .... /Users/..../Library/LaunchAgents/homebrew.mxcl.logstash.plist
Changement de la configuration de kibana.yml :
# sudo vi /usr/local/etc/kibana/kibana.yml # Kibana is served by a back end server. This setting specifies the port to use. server.port: 5601 # The Kibana server's name. This is used for display purposes. server.name: "MacOSFred" # The URL of the Elasticsearch instance to use for all your queries. elasticsearch.url: "http://localhost:9200"
On relance :
# brew services restart kibana Stopping `kibana`... (might take a while) ==> Successfully stopped `kibana` (label: homebrew.mxcl.kibana) ==> Successfully started `kibana` (label: homebrew.mxcl.kibana)
Et on fait un test via l’URL : http://localhost:5601/status :
Maintenant on fait des ajouts …
Modification du fichier syslog.conf :
# sudo mkdir -p /etc/logstash/conf.d/ # sudo vim /etc/logstash/conf.d/syslog.conf # brew services restart logstash Stopping `logstash`... (might take a while) ==> Successfully stopped `logstash` (label: homebrew.mxcl.logstash) ==> Successfully started `logstash` (label: homebrew.mxcl.logstash)
# cd /usr/local/ # sudo bin/elasticsearch-plugin install ingest-geoip -> Downloading ingest-geoip from elastic [=================================================] 100% @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: plugin requires additional permissions @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ * java.lang.RuntimePermission accessDeclaredMembers * java.lang.reflect.ReflectPermission suppressAccessChecks See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html for descriptions of what these permissions allow and the associated risks. Continue with installation? [y/N]y -> Installed ingest-geoip # brew services restart elasticsearch Stopping `elasticsearch`... (might take a while) ==> Successfully stopped `elasticsearch` (label: homebrew.mxcl.elasticsearch) ==> Successfully started `elasticsearch` (label: homebrew.mxcl.elasticsearch) # sudo curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.4.1-darwin-x86_64.tar.gz ... # sudo tar xzvf filebeat-6.4.1-darwin-x86_64.tar.gz # cd filebeat-6.4.1-darwin-x86_64/ # sudo mkdir -p /var/log/Filebeat/registry
Attention il faut permettre de sortir :
Modification de filebeat.yml :
# sudo vi filebeat.yml
# sudo cat filebeat.yml | grep -v "#" | grep -v "^$"
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/*.log
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
setup.template.settings:
index.number_of_shards: 3
setup.kibana:
host: "127.0.0.1:5601"
output.elasticsearch:
hosts: ["127.0.0.1:9200"]
# sudo ./filebeat modules enable system
Enabled system
# sudo ./filebeat setup
Loaded index template
Loading dashboards (Kibana must be running and reachable)
Loaded dashboards
Loaded machine learning job configurations
Pour voir le runtime :
# sudo ./filebeat -e
A suivre.
A noter qu’ensuite le but est d’ajouter un maximum de logs, la commande suivante devrait vous permettre de trouver quelques fichiers de logs
$ lsof | grep "REG" | grep "\.log$"
Après une petite recherche sur google : https://discussions.apple.com/thread/7552801 .
Je n’ai pas réussi à trouver quel était le fichier de configuration avec le nom de domaine dans les fichier .plist de Library.
Normalement je devrait avoir une fichier : ~/Library/LaunchAgents/com.onlineapplicationrequest.* … Peut-être que Lulu a supprimé le fichier.
A suivre.