- 1python逻辑回归aic_机器学习算法常用模型—逻辑回归(附上R和python程序)
- 2【深入了解pytorch】PyTorch序列到序列模型: 实现机器翻译和聊天机器人
- 3基于阿里云的快照介绍_阿里云 创建极速快照
- 4ai论文写作神器免费(在线ai论文写作生成器)
- 5常用的6个的ChatGPT网站,国内可用!_思研chat
- 6Redis 常见延迟问题排查手册!附33条优化建议_redis远程获取数据耗时长
- 7【NLP自然语言处理学习笔记07 Bert理论+莫烦pytorch代码理解】_mlm任务代码 pytorch
- 8【STM32 CubeMX】串口编程DMA_stm32串口dmacubemx
- 9Vue 中 route.path 和 route.fullPath 的区别
- 10(上手篇)redis 最详细上手讲解
ELK 系列三、ELK6.5.3 +xpack编译_{"root_cause":[{"type":"illegal_state_exception",
赞
踩
目录
1.2 进入/usr/local目录(根据自己喜好选择,创建的文件后期会删除)
1.8 启动kibana(先重启elasticsearch)
大家好,继续上一章安装部署完环境后需要开启用户登录授权等白金许可证的功能。我把许可证续到2050年了
好,不多说了,开始操作
一、编译生成jar包和license更新
由于在elasticsearch在6.3版本之后x-pack是默认安装好的,所以不再需要用户自己去安装,在此之前你可以先体验试用版30天(不影响后面破解
1.1开启试用版
启动elasticsearch后通过curl启动试用版(注意端口修改)
curl -H "Content-Type:application/json" -XPOST http://localhost:9200/_xpack/license/start_trial?acknowledge=true当然你也可以在网页上操作
点击Management,点击 Elasticsearch,点击 License Management,再开启试用
1.2 进入/usr/local目录(根据自己喜好选择,创建的文件后期会删除)
如果不想自己弄的也可以直接使用我打包好的(然后可以跳到步骤1.4的覆盖命令去)
jar包下载地址:https://pan.baidu.com/s/1L3cqrSP6Q3s1oREISjEj7g 密码:t3q4
①创建LicenseVerifier.java文件
vim LicenseVerifier.java
- package org.elasticsearch.license;
- import java.nio.*; import java.util.*;
- import java.security.*;
- import org.elasticsearch.common.xcontent.*;
- import org.apache.lucene.util.*;
- import org.elasticsearch.common.io.*;
- import java.io.*;
-
- public class LicenseVerifier {
- public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) {
- return true;
- }
-
- public static boolean verifyLicense(final License license) {
- return true;
- }
- }
②创建XPackBuild.java文件
vim XPackBuild.java
- package org.elasticsearch.xpack.core;
- import org.elasticsearch.common.io.*;
- import java.net.*;
- import org.elasticsearch.common.*;
- import java.nio.file.*;
- import java.io.*;
- import java.util.jar.*;
- public class XPackBuild {
- public static final XPackBuild CURRENT;
- private String shortHash;
- private String date;
- @SuppressForbidden(reason = "looks up path of xpack.jar directly") static Path getElasticsearchCodebase() {
- final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
- try { return PathUtils.get(url.toURI()); }
- catch (URISyntaxException bogus) {
- throw new RuntimeException(bogus); }
- }
-
- XPackBuild(final String shortHash, final String date) {
- this.shortHash = shortHash;
- this.date = date;
- }
-
- public String shortHash() {
- return this.shortHash;
- }
- public String date(){
- return this.date;
- }
-
- static {
- final Path path = getElasticsearchCodebase();
- String shortHash = null;
- String date = null;
- Label_0157: { shortHash = "Unknown"; date = "Unknown";
- }
-
- CURRENT = new XPackBuild(shortHash, date);
- }
- }
1.3 分别编译两个文件
- javac -cp "/data/elasticsearch-6.5.3/lib/elasticsearch-6.5.3.jar:/data/elasticsearch-6.5.3/lib/lucene-core-7.5.0.jar:/data/elasticsearch-6.5.3/modules/x-pack-core/x-pack-core-6.5.3.jar" LicenseVerifier.java
- javac -cp "/data/elasticsearch-6.5.3/lib/elasticsearch-6.5.3.jar:/data/elasticsearch-6.5.3/lib/lucene-core-7.5.0.jar:/data/elasticsearch-6.5.3/modules/x-pack-core/x-pack-core-6.5.3.jar:/data/elasticsearch-6.5.3/lib/elasticsearch-core-6.5.3.jar" XPackBuild.java
编译完成后会生成LicenseVerifier.class和XPackBuild.class两个文件
1.4 覆盖之前的jar文件
- cd /usr/local
- mkdir tempJar
- cp /data/elasticsearch-6.5.3/modules/x-pack-core/x-pack-core-6.5.3.jar tempJar/
- cd tempJar
- jar -xf x-pack-core-6.5.3.jar
- cp ../LicenseVerifier.class org/elasticsearch/license/
- cp ../XPackBuild.class org/elasticsearch/xpack/core/
- rm x-pack-core-6.5.3.jar
- jar -cvf x-pack-core-6.5.3.jar *
- #覆盖之前备份原jar包
- cp /data/elasticsearch-6.5.3/modules/x-pack-core/x-pack-core-6.5.3.jar /data/elasticsearch-6.5.3/modules/x-pack-core/x-pack-core-6.5.3.jar.bak
- #覆盖之前的jar包
- cp x-pack-core-6.5.3.jar /data/elasticsearch-6.5.3/modules/x-pack-core/
1.5 修改elasticsearch.yml配置文件
vim /data/elasticsearch-6.5.3/config/elasticsearch.yml
- #添加如下代码打开x-pack安全验证
- xpack.security.enabled: true
1.6 生成用户名和密码
- #需要重启elasticsearch,上面的配置修改才起作用
- 5.生成用户名和密码
- cd /data/elasticsearch,上面的配置修改才起作用-6.5.3/bin
- #自动生成(二选一)
- ./elasticsearch-setup-passwords auto
- #手动生成(二选一)
- ./elasticsearch-setup-passwords interactive
我这次使用了自动
- ./elasticsearch-setup-passwords auto
- Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
- The passwords will be randomly generated and printed to the console.
- Please confirm that you would like to continue [y/N]y
-
-
- Changed password for user apm_system
- PASSWORD apm_system = Qql5kU1s0qlgjvH5OeTcZ7
-
- Changed password for user kibana
- PASSWORD kibana = 9BTNVpn1xF21k2bcAKH1He
-
- Changed password for user logstash_system
- PASSWORD logstash_system = JFboJA33c997QcxMetkMTX
-
- Changed password for user beats_system
- PASSWORD beats_system = PEjPdJw9r4HUZ8kHezOK5Zy
-
- Changed password for user remote_monitoring_user
- PASSWORD remote_monitoring_user = 1yn3L53C71Wgml8uGdKUcf
-
- Changed password for user elastic
- PASSWORD elastic = 1CHYC5IO6T86rgZM66kyOw
修改密码命令
curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'
可以执行测试命令
curl 127.0.0.1:9200 --user elastic:123456
1.7 将生成的elastic密码配置到kibana中
- vim /data/kibana-6.5.3-linux-x86_64/config/kibana.yml
- #找到以下参数并修改(以下用户名和密码均为你自己的elasticsearch的账户和密码)
- #就是上一步骤5生成的密码
- elasticsearch.username: elastic
- elasticsearch.password: 1CHYC5IO6T86rgZM66kyOw
1.8 启动kibana(先重启elasticsearch)
- supervisorctl restart elasticsearch
- supervisorctl restart kibana
启动完成后访问kibana(这个就不用我多说了吧,记得要开放端口哦)
但是我们发现只有一个月的试用时间(在登陆成功后的主页面Management->LicenseManagement可以看到)
更新license前先关闭x-pack,不然会报错
{"error":{"root_cause":[{"type":"illegal_state_exception","reason":"Cannot install a [PLATINUM] license unless TLS is configured or security is disabled"}],"type":"illegal_state_exception","reason":"Cannot install a [PLATINUM] license unless TLS is configured or security is disabled"},"status":500}
关闭操作:
- vim /data/elasticsearch-6.5.3/config/elasticsearch.yml
- #添加如下代码打开x-pack安全验证
- xpack.security.enabled: false
-
-
- #然后重启
- supervisorctl restart elasticsearch
我生成的license内容为:
"type":"platinum" 为白金版许可证,如果需要自己生成license可去官网申请然后修改
license.json的内容如下:
{"license":{"uid":"21b42476-d3a5-4662-95e3-7463c9a9c167","type":"platinum","issue_date_in_millis":1545177600000,"expiry_date_in_millis":2544271999999,"max_nodes":100,"issued_to":"wei wu (wu2700222)","issuer":"Web Form","signature":"AAAAAwAAAA0BdC1OCE7WMDdZ1TX7AAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCCwaKavNagUevP7tN1UWQm/z55fhxtdtdjWkE5MD5pI34OZFd8UZmvy5k0zhhE1wteH8AglWG7J5TPFbpW4dkQ2SdhOmvv5QeFjrzeCgmQl4r1H0lBmZ9sznAwK9yKKh4v4BTNIW6y4LDzYmKdMU1JUpbr9gvULOlZxRyGijA09phlyJ97mQfnjPSvn55Bg8PXhsoJ2RIabUAK204z5bYHINKfRltKyy6b3QuRjPHtzEP6xsON6STHROAVWLrmy3XUp2VMC2gQnx9G64xgMBdvC7KZQfpJiXqWAJf49Ojz+xAf0xC9DhGopq+a29fb5GutPaeIi10XDopfkn9z4ZeL","start_date_in_millis":1545177600000}}然后把license.json上传到服务器并使用curl提交
curl -XPUT -u elastic 'http://127.0.0.1:9200/_xpack/license' -H "Content-Type: application/json" -d @elk_license.json
返回{"acknowledged":true,"license_status":"valid"} 则成功
接着重启打开x-pack
- vim /data/elasticsearch-6.5.3/config/elasticsearch.yml
- #添加如下代码打开x-pack安全验证
- xpack.security.enabled: true
-
-
- #然后重启
- supervisorctl restart elasticsearch
有网友反应碰到一个情况,重启es后报错信息如下:
[2019-01-21T21:23:07,030][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://elastic:xxxxxx@192.168.1.222:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://elastic:xxxxxx@192.168.1.222:9200/][Manticore::SocketException] Connection refused"}
解决方法:
在上面的配置文件中再增加一项:
xpack.security.transport.ssl.enabled: true
二、配置logstash
因为我们打开了x-pack,需要认证才能上传数据,所有需要在logstash的配置文件中加入认证
[root@i-uzt2a3oi local]# vim /data/logstash-6.5.3/default.conf
需要修改output中的设置,新增user和password
output {
if [logtype] == "otosaas_app_xingneng" {
elasticsearch {
user => "elastic"
password => "XXXXXX"
hosts => ["127.0.0.1:9200"]
index => "otosaas_app_xingneng-%{+YYYY.MM.dd}"
}
}
if [logtype] == "otosaas_app_yunxing" {
elasticsearch {
user => "elastic"
password => "XXXXXX"
hosts => ["127.0.0.1:9200"]
index => "otosaas_app_yunxing-%{+YYYY.MM.dd}"
}
}
if [logtype] == "otosaas_konglog" {
elasticsearch {
user => "elastic"
password => "XXXXXX"
hosts => ["127.0.0.1:9200"]
index => "otosaas_konglog-%{+YYYY.MM.dd}"
}
}
}
不然logstash会报401和403错误
修改完需要重启logstash
三、新增账号密码
新增xpack后第一次登录http://192.168.1.78:5601/的时候使用 elastic/XXXX 用户密码登录
然后可以新建一个超级管理员,一个普通read用户
用户roles选择superuser为超级管理员
新增普通用户,先新建一个view的roles,设置如下
然后再新建一个users,绑定这个view就ok了
