[8] Heartbeat – Instalacja

29 marca 2022 Wyłączono przez Adam [zicherka] Nogły

Zainstaluj Heartbeat, który może monitorować usługi pod kątem ich dostępności z aktywnym sondowaniem.

[1] Zainstaluj Heartbeat. Skonfiguruj repozytorium Elasticsearch przed instalacją.

[root@vlsr01 ~]# dnf install heartbeat-elastic

[2] Skonfiguruj podstawowe ustawienia i uruchom Heartbeat.

[root@vlsr01 ~]# mcedit /etc/heartbeat/heartbeat.yml
# linia 23: ustaw elementy
# domyślnie monitoruje adres URL http://localhost:9200, jak poniżej
heartbeat.monitors:
- type: http
# Set enabled to true (or delete the following line) to enable this example moonitor
enabled: true
# ID used to uniquely identify this monitor in elasticsearch even if the confiig changes
id: my-monitor
# Human readable display name for this service in Uptime UI and elsewhere
name: My Monitor
# List or urls to query
urls: ["http://localhost:9200"]
# Configure task schedule
schedule: '@every 10s'
# Total test connection and data exchange timeout
#timeout: 16s
. . . . .
# linia 70: jeśli używasz Kibany, odkomentuj i określ hosta wyjściowego
# jeśli SSL jest włączony w Kibana, nazwa hosta powinna być taka sama jak nazwa hosta w certs
setup.kibana:
. . . . .
host: "https://vlsr01.zicher.lab:5601"
# linia 101: określ hosta wyjściowego
# domyślną opcją jest Elasticsearch lokalnego hosta
# jeśli wyjście jest do Logstash, zakomentuj Elasticsearch i odkomentuj wiersze logstash
output.elasticsearch:
# Array of hosts to connect to
hosts: ["localhost:9200"]
. . . . .
#output.logstash:
# The Logstash hosts
#hosts: ["localhost:5044"]

[root@vlsr01 ~]# mcedit /etc/heartbeat/heartbeat.reference.yml
# linia 24: domyślnie monitorowany host lokalny z ICMP co 5 minut
heartbeat.monitors:
- type: icmp # monitor type `icmp` (requires root) uses ICMP Echo Request to pinng
             # configured hosts
# ID used to uniquely identify this monitor in elasticsearch even if the confiig changes
id: my-monitor
# Human readable display name for this service in Uptime UI and elsewhere
name: my-icmp-monitor
# Name of corresponding APM service, if Elastic APM is in use for the monitoreed service.
# service.name: my-apm-service-name
# Enable/Disable monitor
enabled: true
# Configure task schedule using cron-like syntax
schedule: '*/5 * * * * * *' # exactly every 5 seconds like 10:00:00, 10:00:05,,
# List of hosts to ping
hosts: ["localhost"]
# linia 104: sekcja monitorowania TCP
- type: tcp # monitor type `tcp`. Connect via TCP and optionally verify endpoint
            # by sending/receiving a custom payload
# ID used to uniquely identify this monitor in elasticsearch even if the confiig changes
id: my-monitor
# Human readable display name for this service in Uptime UI and elsewhere
name: my-tcp-monitor
# Enable/Disable monitor
enabled: true
# Configure task schedule
schedule: '@every 5s' # every 5 seconds from start of beat
. . . . .
hosts: ["localhost:9200"]
. . . . .

[root@vlsr01 ~]# systemctl enable --now heartbeat-elastic

[3] Sprawdź status, czy dane zostały zebrane normalnie.

# lista indeksów
[root@vlsr01 ~]# curl localhost:9200/_cat/indices?v
health status index                               uuid                   pri rep docs.count docs.deleted store.size pri.store.size
green  open   .geoip_databases                    3Blp2ITzT3OGMcKpXWQmvQ   1   0         44            0     41.5mb         41.5mb
yellow open   sshd_fail-2022.03                   oEnHEEU5QAe_qnDkUUhxYg   1   1         40            0     41.6kb         41.6kb
green  open   .apm-custom-link                    xQPmqjYQQNGk7jqY47y5lg   1   0          0            0       226b           226b
yellow open   heartbeat-7.17.1-2022.03.27-000001  A6XA-CJiSl6FMPlIJr_B_Q   1   1          2            0     43.5kb         43.5kb
yellow open   metricbeat-7.17.1-2022.03.26-000001 7YefwbdcSdehjGkbWHoFog   1   1      97271            0     61.8mb         61.8mb
green  open   .apm-agent-configuration            5G3uKQzFReOnbIAS1thWCg   1   0          0            0       226b           226b
yellow open   packetbeat-7.17.1-2022.03.27-000001 YmtowBRbQjSaYcjWVRqRHA   1   1     179317            0     52.4mb         52.4mb
green  open   .async-search                       KVliO2njSce1JuGEXKxeuQ   1   0          0            0       255b           255b
green  open   .kibana_task_manager_7.17.1_001     OSLFw2ALSgi4QKmU_ucjOA   1   0         17        60444      6.1mb          6.1mb
green  open   .kibana_7.17.1_001                  rnb6SpMkQQmPFx1PI4t77Q   1   0       5080         7358      6.7mb          6.7mb
yellow open   filebeat-7.17.1-2022.03.27-000001   AHMGTS80TmqndW4G6_Qo8w   1   1       6285            0      1.1mb          1.1mb

# lista dokumentów w indeksie
[root@vlsr01 ~]# curl localhost:9200/heartbeat-7.17.1-2022.03.27-000001/_search?pretty
{
  "took" : 1,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 7,
      "relation" : "eq"
    },
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "heartbeat-7.17.1-2022.03.27-000001",
        "_type" : "_doc",
        "_id" : "O17Zyn8Bv-wbtR34UFwp",
        "_score" : 1.0,
        "_source" : {
          "@timestamp" : "2022-03-27T10:08:32.831Z",
          "url" : {
            "scheme" : "http",
            "domain" : "localhost",
            "port" : 9200,
            "full" : "http://localhost:9200"
          },
          "event" : {
            "dataset" : "http"
          },
          "ecs" : {
            "version" : "1.12.0"
          },
          "observer" : {
            "hostname" : "vlsr01.zicher.lab",
            "ip" : [
              "192.168.100.101",
              "fe80::20c:29ff:fe4c:770"
            ],
            "mac" : [
              "00:0c:29:4c:07:70"
            ]
          },
          "monitor" : {
            "check_group" : "d5c28ab6-adb5-11ec-9578-000c294c0770",
            "ip" : "127.0.0.1",
            "timespan" : {
              "gte" : "2022-03-27T10:08:32.833Z",
              "lt" : "2022-03-27T10:08:42.833Z"
            },
            "id" : "my-monitor",
            "name" : "My Monitor",
            "type" : "http",
            "status" : "up",
            "duration" : {
              "us" : 1635
            }
          },