Otu esi etinye Elasticsearch na Debian 11 Bullseye

Elasticsearch bụ isi mmalite mepere emepe nke ukwuu njin nyocha na nyocha ederede zuru oke. Akụrụngwa na-akwado ọrụ RESTful nke na-enye gị ohere ịchekwa, chọọ, na nyochaa nnukwu data ngwa ngwa na nso ozugbo. Elasticsearch bụ nke a masịrị nke ọma na nke a ma ama n'etiti sysadmins na ndị mmepe dịka ọ bụ igwe nchọta siri ike dabere na ọba akwụkwọ Lucene. A na-ejikarị ya dị ka injin/teknụzụ dị n'okpuru nke na-eme ka ngwa nwere njirimara ọchụchọ dị mgbagwoju anya na ihe achọrọ.

N'ime nkuzi a, ị ga-amụta otu esi etinye ihe nchọta Elastic na Debian 11 Bullseye.

Advertisement

Prerequisites

  • OS akwadoro: Nnenna 11 Bullseye
  • Akaụntụ onye ọrụ: Akaụntụ onye ọrụ nwere sudo ma ọ bụ ohere mgbọrọgwụ.
  • Ngwungwu achọrọ: Curl na Java

Ịwụnye Curl

curl achọrọ maka akụkụ ụfọdụ nke ntuziaka a. Iji wụnye ngwugwu a, pịnye iwu a:

sudo apt install curl -y

Wụnye Java

Iji wụnye nke ọma na, nke ka mkpa, jiri Elasticsearch, ịkwesịrị ịwụnye Java. Usoro dị nnọọ mfe.

Pịnye iwu a ka ịwụnye ya Mepee ngwugwu:

sudo apt install default-jdk

Ihe atụ nwere ngwugwu a ga-etinye:

Otu esi etinye Elasticsearch na Debian 11 Bullseye

Iji gaa n'ihu na ntinye, pịnye (NA) wee pịa ( Tinye) isi.

Na-esote, nyochaa ụdị Java arụnyere ma jiri iwu a wuo ya:

java -version

Ihe atụ n'okpuru:

Otu esi etinye Elasticsearch na Debian 11 Bullseye

Ịwụnye Elasticsearch

Elasticsearch adịghị na ọkọlọtọ Debian 11 repositories, yabụ ị ga-achọ ịwụnye ya na ebe nchekwa Elasticsearch APT.

Tupu ịtinye ebe nchekwa, bubata ihe igodo GPG site na iwu a:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Ihe atụ nwere (Ọ dị mma) na-akwado na ọ gara nke ọma:

Otu esi etinye Elasticsearch na Debian 11 Bullseye

Ugbu a ị gbakwunyela igodo GPG, ebe nchekwa Elasticsearch ga-atụkwasị obi ugbu a. Gaa n'ihu iji wụnye ebe nchekwa gọọmentị site na iji iwu ọnụ ọnụ ndị a:

sudo sh -c 'echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'

N'oge nkuzi a na-emepụta, Elasticsearch 7.13.4 bụ ụdị kachasị ọhụrụ mana ọ ga-agbanwe n'oge, na ebe nchekwa ị gbakwunyere ga-arụ ọrụ maka ụdị 7.xx ọ bụla n'ọdịnihu.

Na-esote, melite ndepụta nchekwa gị wee wụnye Elasticsearch dị ka ndị a:

sudo apt update && sudo apt install elasticsearch

Site na ndabara, ọrụ Elasticsearch nwere nkwarụ na buut ma ọ naghị arụ ọrụ. Iji malite ọrụ ma mee ka ọ rụọ ọrụ na buut sistemụ, pịnye ihe ndị a (systemctl) iwu:

sudo systemctl enable elasticsearch.service --now

Na-esote, iji chọpụta na Elasticsearch na-agba ọsọ nke ọma, ị ga-eji ya curl iwu izipu otu Http arịrịọ na ọdụ ụgbọ mmiri 9200 on localhost dị ka ndị a:

curl -X GET "localhost:9200/"

Ihe atụ iji gosi na Elasticsearch na-arụ ọrụ nke ọma:

iwu curl iji nwalee elasticsearch na onye ọbịa mpaghara debian 11 bullseye | Enwere ike Linux

Ka ilele ozi sistemu nke Elasticsearch dekọrọ na sistemụ gị, pịnye iwu a:

sudo journalctl -u elasticsearch

Ndekọ mmepụta ihe atụ:

Otu esi etinye Elasticsearch na Debian 11 Bullseye
Advertisement

Na-ahazi Elasticsearch

A na-echekwa data Elasticsearch na ebe ndekọ aha nke ndabara (/var/lib/elasticsearch). Ka ilele ma ọ bụ dezie faịlụ nhazi, ị nwere ike ịhụ ha na ebe ndekọ aha (/etc/elasticsearch), na nhọrọ mmalite java nwere ike ịhazi na (/etc/default/elasticsearch) nhazi faịlụ.

Ntọala ndabara na-adịkarị mma maka otu sava na-arụ ọrụ ka Elasticsearch na-agba ọsọ localhost naanị. Agbanyeghị, ọ bụrụ na ị ga-ahazi ụyọkọ, ị ga-achọ ịgbanwe faịlụ nhazi ahụ iji kwe ka njikọ dịpụrụ adịpụ.

Nhazi ohere ime ime (nhọrọ)

Site na ndabara, Elasticsearch na-ege naanị localhost. Ka ịgbanwee nke a, mepee faịlụ nhazi dị ka ndị a:

sudo nano /etc/elasticsearch/elasticsearch.yml

Na-esote, gbadaa na chọta ngalaba netwọk na enweghị nkọwa (#) ahịrị ndị a ma jiri adreesị IP nkeonwe ma ọ bụ adreesị IP nke mpụga dochie ya dị ka ndị a:

Otu esi etinye Elasticsearch na Debian 11 Bullseye

Na ihe atụ, anyị uncommented (#) na (network.host) ma gbanwee ya ka ọ bụrụ adreesị IP nkeonwe.

Maka ebumnuche nchekwa, ọ dị mma maka ịkọwa adreesị; Otú ọ dị, ọ bụrụ na ị nwere ọtụtụ adreesị IP dị n'ime ma ọ bụ mpụga na-akụ ihe nkesa ahụ gbanwee interface netwọk iji gee onye ọ bụla ntị na ntinye. (0.0.0.0) dị ka ndị a:

Otu esi etinye Elasticsearch na Debian 11 Bullseye

Ọzọ, chekwaa faịlụ nhazi (CTRL+O) wee pụọ (CLTR+X).

Ị ga-achọ ịmalitegharị ọrụ Elasticsearch site na iji iwu na-esonụ maka mgbanwe iji malite:

sudo systemctl restart elasticsearch

Hazie UFW Firewall iji kwe ka Njikọ dịpụrụ adịpụ

Ọ bụrụ na ị kwe ka njikọ dịpụrụ adịpụ, ị ga-achọ ikwe ka firewall gị kwe ka adreesị IP ndị ahụ jikọọ. Enwere ike ime nke a site na iwu a:

sudo ufw allow from <IP Address> to any port 9200

Enwere ike ịchọta ozi ndị ọzọ na Debian na UFW firewall iji hazie ya UFW firewall na Debian.

Advertisement

Otu esi eji Elasticsearch

Iji Elasticsearch na-eji iwu iwu bụ usoro kwụ ọtọ. N'okpuru bụ ụfọdụ n'ime ihe ndị a na-ejikarị eme ihe:

Hichapụ ndetu

N'okpuru index aha samples.

curl -X DELETE 'http://localhost:9200/samples'

Depụta ndepụta ndeksi niile

curl -X GET 'http://localhost:9200/_cat/indices?v'

Depụta akwụkwọ niile na ndeksi

curl -X GET 'http://localhost:9200/sample/_search'

Ajuju site na iji paramita URL

N'ebe a, anyị na-eji usoro ajụjụ Lucene iji dee q=school:Harvard.

curl -X GET http://localhost:9200/samples/_search?q=school:Harvard

Ajuju na JSON aka Elasticsearch Query DSL

Ị nwere ike ịjụ ajụjụ site na iji paramita na URL. Mana ị nwekwara ike iji JSON, dị ka egosiri na ihe atụ na-esote. JSON ga-adị mfe ịgụ na ihichapụ mgbe ị nwere ajụjụ dị mgbagwoju anya karịa otu nnukwu eriri URL.

curl -XGET --header 'Content-Type: application/json' http://localhost:9200/samples/_search -d '{
      "query" : {
        "match" : { "school": "Harvard" }
    }
}'

Ndepụta ndepụta ndeksi

Mpaghara Elasticsearch niile bụ ndenye aha. Yabụ na nke a depụtara mpaghara niile na ụdị ha na ndeksi.

curl -X GET http://localhost:9200/samples

Tinye Data

curl -XPUT --header 'Content-Type: application/json' http://localhost:9200/samples/_doc/1 -d '{
   "school" : "Harvard"			
}'

Melite Doc

Nke a bụ otu esi etinye mpaghara na akwụkwọ dị adị. Nke mbụ, anyị na-emepụta ọhụrụ. Mgbe ahụ, anyị na-emelite ya.

curl -XPUT --header 'Content-Type: application/json' http://localhost:9200/samples/_doc/2 -d '
{
    "school": "Clemson"
}'

curl -XPOST --header 'Content-Type: application/json' http://localhost:9200/samples/_doc/2/_update -d '{
"doc" : {
               "students": 50000}
}'

Ndekọ ndabere

curl -XPOST --header 'Content-Type: application/json' http://localhost:9200/_reindex -d '{
  "source": {
    "index": "samples"
  },
  "dest": {
    "index": "samples_backup"
  }
}'

Ibu ibu data n'ụdị JSON

export pwd="elastic:"

curl --user $pwd  -H 'Content-Type: application/x-ndjson' -XPOST 'https://58571402f5464923883e7be42a037917.eu-central-1.aws.cloud.es.io:9243/0/_bulk?pretty' --data-binary @<file>

Gosi ahụ ike ụyọkọ

curl --user $pwd  -H 'Content-Type: application/json' -XGET https://58571402f5464923883e7be42a037917.eu-central-1.aws.cloud.es.io:9243/_cluster/health?pretty

Nchịkọta na nchịkọta ịwụ

Maka sava webụ Nginx, nke a na-ewepụta ọnụọgụ webụ site n'obodo ndị ọrụ:

curl -XGET --user $pwd --header 'Content-Type: application/json'  https://58571402f5464923883e7be42a037917.eu-central-1.aws.cloud.es.io:9243/logstash/_search?pretty -d '{
        "aggs": {
             "cityName": {
                    "terms": {
                     "field": "geoip.city_name.keyword",
                                "size": 50

        }
   }
  }
}
'

Nke a na-agbasa nke ahụ gaa na koodu nzaghachi ngwaahịa nke obodo n'ime ndekọ sava weebụ Nginx

curl -XGET --user $pwd --header 'Content-Type: application/json'  https://58571402f5464923883e7be42a037917.eu-central-1.aws.cloud.es.io:9243/logstash/_search?pretty -d '{
        "aggs": {
          "city": {
                "terms": {
                        "field": "geoip.city_name.keyword"
                },
        "aggs": {
          "responses": {
                "terms": {
                     "field": "response"
                 }
           }
         }
      },
      "responses": {
                "terms": {
                     "field": "response"
                 }
        }
   }
}'

Iji ElasticSearch na nzere Basic

Ọ bụrụ na ịgbanyela nchekwa na ElasticSearch, yabụ ịkwesịrị ịnye onye ọrụ na paswọọdụ dị ka egosiri n'okpuru iwu curl ọ bụla:

curl -X GET 'http://localhost:9200/_cat/indices?v' -u elastic:(password)

Mbipụta mara mma

Tinye ?mara mma = eziokwu maka ọchụchọ ọ bụla iji bipụta JSON mara mma. Dị ka nke a:

 curl -X GET 'http://localhost:9200/(index)/_search'?pretty=true

Ịjụ ajụjụ na weghachi naanị ụfọdụ ubi

Iji weghachi naanị ụfọdụ ubi, tinye ha n'usoro _source array:

GET filebeat-7.6.2-2020.05.05-000001/_search
 {
    "_source": ["suricata.eve.timestamp","source.geo.region_name","event.created"],
    "query":      {
        "match" : { "source.geo.country_iso_code": "GR" }
    }
}

Ịjụ ajụjụ site na ụbọchị

Mgbe ubi ahụ bụ ụdị ụbọchị, ị nwere ike iji mgbakọ ụbọchị, dịka nke a:

GET filebeat-7.6.2-2020.05.05-000001/_search
 {
    "query": {
        "range" : {
            "event.created": {
                "gte" : "now-7d/d"
            }
        }
}
}

Na-ewepụ Elasticsearch

Ọ bụrụ na ịchọkwaghị Elasticsearch, ị nwere ike wepu ngwanro ahụ site na iji iwu a:

sudo apt remove elasticsearch

Wepu ebe nchekwa apt dị ka ndị a:

sudo rm /etc/apt/sources.list.d/elastic-7.x.list

Mgbe ahụ melite ndepụta nchekwa gị iji gosipụta mgbanwe ndị a:

sudo apt update

Okwu na mmechi

Ị mụtala ka esi etinye Elasticsearch na Debian 11 Bullseye site na ebe nchekwa ọrụ Elasticsearch wee hazie isi ihe na nkuzi. N'ozuzu, ElasticSearch nwere ọtụtụ atụmatụ ewu ewu, ụfọdụ a kpọtụrụ aha na mmalite nke nkuzi ahụ, mana ndị ọzọ gụnyere inye ndị ọrụ ohere ịchọ mpaghara dị iche iche site na iji otu ajụjụ. ElasticSearch na-enye nnukwu ọkwa nke sharding, nke pụtara scalability kwụ ọtọ, nke na-eme ka arụmọrụ ahụ dịkwuo elu ọbụlagodi na mmụba nke ibu.

Maka ịgụkwu ihe, gaa na onye ọrụ gọọmentị ibe akwukwo.

Idenye aha
Gwa nke
0 Comments
Inline nzaghachi
Lee echiche niile
mgbasa ozi mgbasa ozi
0
Ga-ahụ n'anya gị echiche, biko okwu.x