Solaris Elasticsearch Forwarder(Logstash) Setup

Create elastic data pool

zpool create data1 c1d1

Add elastic user

groupadd elastic
useradd -d /export/home/elastic -g elastic -m -s /bin/bash -c "Elastic Search" elastic

Install elastic binary’s

cd /opt;unzip -qq /install/elasticsearch-2.2.0.zip;mv elasticsearch-2.2.0 elasticsearch

mkdir /data1 /data1/data /data1/plugins /data1/log
mkdir /opt/elasticsearch/current /opt/elasticsearch/current/logs /opt/elasticsearch/current/data /opt/elasticsearch/current/tmp

chown -R elastic:elastic  /opt/elasticsearch /data1

Grant access for elastic user

echo "elastic::::lock_after_retries=no;defaultpriv=all,file_dac_read;profiles=Primary Administrator,All" >>/etc/user_attr

Configre system limits for user elastic

/etc/project

elastic:100::::process.max-file-descriptor=(priv,65536,deny);process.max-sem-nsems=(priv,1024,deny);project.max-sem-ids=(priv,256,deny);project.max-shm-memory=(privileged,68719476736,deny)

add to /opt/elasticsearch/bin/elasticsearch (top)

ulimit -n unlimited

Configure startup script

svccfg import elasticsearch.xml

Configure elasticsearch.yml for hot warm (SSD)
Hot warm config

Configure hot template

curl -XPUT http://elk2.domain.com:9200/_template/web-sql-log -d '              
{
  "template": "web-sql-log-*",
  "settings": {
    "index.refresh_interval": "5s",
    "index.routing.allocation.require.box_type": "hot",
    "number_of_shards" : 3
  }
}
'
{"acknowledged":true}

Add latter the mappings

  "mappings": {
  "jmx": {
    "properties": {
      "OpenSessions_Count": {
        "type": "long"
      },
      "PendingUserRequestCount_Count": {
        "type": "long"
      },
      "Host_Name": {
        "type": "string",
	"index": "not_analyzed"
      },
      "@timestamp": {
        "format": "strict_date_optional_time||epoch_millis",
        "type": "date"
      },
      "ActiveExecuteThreads_ActvCount": {
        "type": "integer"
      },
      "ActiveExecuteThreads_MaxCount": {
        "type": "integer"
      },
      "@version": {
        "type": "string"
      },
      "host": {
        "type": "string",
	"index": "not_analyzed"
      },
      "ActiveConnectionsCount_Count": {
        "type": "long"
      },
      "message": {
        "type": "string"
      },
      "type": {
        "type": "string"
      },
      "command": {
        "type": "string"
      }
    }
  }

To verify the template

curl -XGET 'http://elkdm1.domain.com:9200/_template/web-sql-log?pretty'

On Linux – Add to startup scripts

# On linux append in /etc/init.d/elasticsearch in line starting with daemon --user
--node.box_type warm

Note: On Solaris its part of SMF startup

To Get cluster status

curl elkdm3.domain.com:9200/_nodes/stats/process?pretty

# Or Memory locking
curl http://elkdm4.domain.com:9200/_nodes/process?pretty|grep mlockall

Solaris Elasticsearch SMF startup

0 0 votes

Article Rating

Create elastic data pool

Add elastic user

Install elastic binary’s

Grant access for elastic user

Configre system limits for user elastic

add to /opt/elasticsearch/bin/elasticsearch (top)

Configure startup script

Configure hot template

Add latter the mappings

To verify the template

To Get cluster status

Solaris Elasticsearch SMF startup

Like this:

Related

Create elastic data pool

Add elastic user

Install elastic binary’s

Grant access for elastic user

Configre system limits for user elastic

add to /opt/elasticsearch/bin/elasticsearch (top)

Configure startup script

Configure hot template

Add latter the mappings

To verify the template

To Get cluster status

Solaris Elasticsearch SMF startup

Share this:

Like this:

Related