
  • 1.组件介绍:

  • Beats(version:6.1.2):数据采集的得力工具。将这些采集器安装在您的服务器中,它们就会把数据汇总到 Elasticsearch。如果需要更加强大的处理性能,Beats 还能将数据输送到 Logstash 进行转换和解析。
  • ElasticSearch(version:6.1.2):一个分布式的 RESTful风格的搜索和数据分析引擎,能够解决不断涌现出的各种用例
  • kibana(version:6.1.2):能够以图表的形式呈现数据,并且具有可扩展的用户界面
  • Grafana:是一个开源指标分析和可视化套件。 它最常用于可视化基础设施和应用程序分析的时间序列数据,但许多应用于其他领域,包括工业传感器,家庭自动化,天气和过程控制.
  • 2.本文的ElasticSearch、Beats、kibana和Grfana全部基于Ubunutu 16.04 Server操作系统安装,其他操作系统参考官网文档地址为:https://www.elastic.co/cn/products 点击下载可以看到elasticsearch,beats和kibana的下载安装步骤介绍。

  • 3.安装elasticsearch:

  • 3.1. 登录操作系统,安装公共签名钥匙:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add


  • 3.2 把elasticsearch的安装源写入到ubunutu的安装源中:
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list

  • 3.3 执行安装命令:
sudo apt-get update && sudo apt-get install elasticsearch


update-rc.d elasticsearch defaults 95 10
  • 3.4 修改配置文件:



vi elasticsearch.yml

打开配置文件以后我们这里提供单机配置,集群的后面在考虑,所以下面的elasticsearch配置文件均为单机配置,修改配置文件中的network.host 以及port就好其余保持默认,修改完成后的配置文件如下:

# ======================== Elasticsearch Configuration =========================
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
# ---------------------------------- Cluster -----------------------------------
# Use a descriptive name for your cluster:
#cluster.name: elasticsearch
# ------------------------------------ Node ------------------------------------
# Use a descriptive name for the node:
#node.name: node-1
# Add custom attributes to the node:
#node.attr.rack: r1
# ----------------------------------- Paths ------------------------------------
# Path to directory where to store the data (separate multiple locations by comma):
path.data: /var/lib/elasticsearch
# Path to log files:
path.logs: /var/log/elasticsearch
# ----------------------------------- Memory -----------------------------------
# Lock the memory on startup:
#bootstrap.memory_lock: true
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
# Elasticsearch performs poorly when the system is swapping the memory.
# ---------------------------------- Network -----------------------------------
# Set the bind address to a specific IP (IPv4 or IPv6):
# Set a custom port for HTTP:
http.port: 9200
# For more information, consult the network module documentation.
# --------------------------------- Discovery ----------------------------------
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["", "[::1]"]
#discovery.zen.ping.unicast.hosts: ["host1", "host2"]
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
# For more information, consult the zen discovery module documentation.
# ---------------------------------- Gateway -----------------------------------
# Block initial recovery after a full cluster restart until N nodes are started:
#gateway.recover_after_nodes: 3
# For more information, consult the gateway module documentation.
# ---------------------------------- Various -----------------------------------
# Require explicit names when deleting indices:
#action.destructive_requires_name: true

service elasticsearch start

启动后访问http://你配置的IP:配置的端口访问,我的就是http:// 界面如下图所示表示访问成功:

  • 4 安装Beats
apt-get install metricbeat


update-rc.d metricbeat defaults 95 10




vi metricbeat.yml


###################### Metricbeat Configuration Example #######################

# This file is an example configuration file highlighting only the most common
# options. The metricbeat.reference.yml file from the same directory contains all the
# supported options with more comments. You can use it as a reference.
# You can find the full configuration reference here:
# https://www.elastic.co/guide/en/beats/metricbeat/index.html

#==========================  Modules configuration ============================

  # Glob pattern for configuration loading
  path: ${path.config}/modules.d/*.yml

  # Set to true to enable config reloading
  reload.enabled: false

  # Period on which files under path should be checked for changes
  #reload.period: 10s

#==================== Elasticsearch template setting ==========================

  index.number_of_shards: 1
  index.codec: best_compression
  #_source.enabled: false

#================================ General =====================================

# The name of the shipper that publishes the network data. It can be used to group
# all the transactions sent by a single shipper in the web interface.

# The tags of the shipper are included in their own field with each
# transaction published.
#tags: ["service-X", "web-tier"]

# Optional fields that you can specify to add additional information to the
# output.
#  env: staging

#============================== Dashboards =====================================
# These settings control loading the sample dashboards to the Kibana index. Loading
# the dashboards is disabled by default and can be enabled either by setting the
# options here, or by using the `-setup` CLI flag or the `setup` command.
#setup.dashboards.enabled: false

# The URL from where to download the dashboards archive. By default this URL
# has a value which is computed based on the Beat name and version. For released
# versions, this URL points to the dashboard archive on the artifacts.elastic.co
# website.

#============================== Kibana =====================================

# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
  host: ""

#============================= Elastic Cloud ==================================

# These settings simplify using metricbeat with the Elastic Cloud (https://cloud.elastic.co/).

# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
# `setup.kibana.host` options.
# You can find the `cloud.id` in the Elastic Cloud web UI.

# The cloud.auth setting overwrites the `output.elasticsearch.username` and
# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.

#================================ Outputs =====================================

# Configure what output to use when sending the data collected by the beat.

#-------------------------- Elasticsearch output ------------------------------
  # Array of hosts to connect to.
  hosts: [""]

  # Optional protocol and basic auth credentials.
  #protocol: "https"
  #username: "elastic"
  #password: "changeme"

#----------------------------- Logstash output --------------------------------
  # The Logstash hosts
  #hosts: ["localhost:5044"]

  # Optional SSL. By default is off.
  # List of root certificates for HTTPS server verifications
  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]

  # Certificate for SSL client authentication
  #ssl.certificate: "/etc/pki/client/cert.pem"

  # Client Certificate Key
  #ssl.key: "/etc/pki/client/cert.key"

#================================ Logging =====================================

# Sets log level. The default log level is info.
# Available log levels are: critical, error, warning, info, debug
#logging.level: debug

# At debug level, you can selectively enable logging only for some components.
# To enable all selectors use ["*"]. Examples of other selectors are "beat",
# "publish", "service".
#logging.selectors: ["*"]

修改其中的setup.kiabana:host 以及 output.elasticsearch:hosts,其中setup.kiabana:host 的地址改为后面要安装的kibana的地址我这里是192.168.20.142:5601 这里修改为你的就好,output.elasticsearch:hosts就是上面安装的elasticsearch的地址192.168.20.142:9000

  • 5 安装kibana
 apt-get install kibana


update-rc.d kibana defaults 95 10




vi kibana.yml

修改配置文件中的server.port、server.host和 elasticsearch.url
其中server.port 对应上面metricbeat的端口就好保持默认,然后server.host配置为ip方便其他机器安装metricbeat能直接访问,elasticsearch.url直接配置第一步配置的端口和ip即可,我的配置文件如下:

# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: ""

# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects
# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests
# to Kibana. This setting cannot end in a slash.
#server.basePath: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayloadBytes: 1048576

# The Kibana server's name.  This is used for display purposes.
#server.name: "your-hostname"

# The URL of the Elasticsearch instance to use for all your queries.

elasticsearch.url: ""

# When this setting's value is true Kibana uses the hostname specified in the server.host
# setting. When the value of this setting is false, Kibana uses the hostname of the host
# that connects to this Kibana instance.
#elasticsearch.preserveHost: true

# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
#kibana.defaultAppId: "home"

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "user"
#elasticsearch.password: "pass"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files validate that your Elasticsearch backend uses the same key files.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

启动kibana 执行命令

service kibana start


service metricbeat start

启动完成后浏览器访问: http://kibana的ip:5601,第一次打开后让你配置elasticsearch的界面如下:


红框中的index pattern 填写为:metricbeat-6.1.2-* 然后点击下一步,如果成功了出现下面这图:



  • 6 安装配置Grafana
    vi /etc/apt/sources.list
deb https://packagecloud.io/grafana/stable/debian/ jessie main


curl https://packagecloud.io/gpg.key | sudo apt-key add -
sudo apt-get update
sudo apt-get install grafana


sudo update-rc.d grafana-server defaults


vi /etc/grafana/grafana.ini 

修改其中的http_addr为主机IP地址 端口保持默认的3000,root_url 为http://主机IP地址:端口,如下图:



sudo service grafana-server start



默认用户名和密码是admin 输入以后登录成功跳转


点击创建datasource也是就是第二个图标create your first datasource 填入信息如下图所示:

pattern选择为Daily这样就选择为当年最新的索引匹配天的索引数据,填写完成后点击Save & Test 按钮 只要索引和elasearch地址配置正确会出现successful的




点击import Dashboard 导入我的json即可,我的json如下:

  "annotations": {
    "list": [
        "builtIn": 1,
        "datasource": "-- Grafana --",
        "enable": true,
        "hide": true,
        "iconColor": "rgba(0, 211, 255, 1)",
        "name": "Annotations & Alerts",
        "type": "dashboard"
  "editable": true,
  "gnetId": null,
  "graphTooltip": 0,
  "hideControls": false,
  "id": 5,
  "links": [],
  "refresh": false,
  "rows": [
      "collapse": false,
      "height": 304,
      "panels": [
          "aliasColors": {},
          "bars": false,
          "dashLength": 10,
          "dashes": false,
          "datasource": "监控运维",
          "fill": 3,
          "id": 1,
          "legend": {
            "avg": false,
            "current": true,
            "max": false,
            "min": false,
            "show": true,
            "total": false,
            "values": true
          "lines": true,
          "linewidth": 2,
          "links": [],
          "nullPointMode": "connected",
          "percentage": true,
          "pointradius": 5,
          "points": false,
          "renderer": "flot",
          "seriesOverrides": [],
          "spaceLength": 10,
          "span": 3,
          "stack": true,
          "steppedLine": false,
          "targets": [
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.cpu.system.pct",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.cpu.user.pct",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "B",
              "timeField": "@timestamp"
          "thresholds": [],
          "timeFrom": null,
          "timeShift": null,
          "title": "CPU",
          "tooltip": {
            "shared": true,
            "sort": 0,
            "value_type": "cumulative"
          "type": "graph",
          "xaxis": {
            "buckets": null,
            "mode": "time",
            "name": null,
            "show": true,
            "values": []
          "yaxes": [
              "format": "percentunit",
              "label": null,
              "logBase": 1,
              "max": "100",
              "min": "0",
              "show": true
              "format": "short",
              "label": null,
              "logBase": 1,
              "max": null,
              "min": null,
              "show": true
          "aliasColors": {},
          "bars": false,
          "dashLength": 10,
          "dashes": false,
          "datasource": "监控运维",
          "fill": 3,
          "id": 2,
          "legend": {
            "avg": false,
            "current": true,
            "max": false,
            "min": false,
            "show": true,
            "total": false,
            "values": true
          "lines": true,
          "linewidth": 2,
          "links": [],
          "nullPointMode": "connected",
          "percentage": false,
          "pointradius": 5,
          "points": false,
          "renderer": "flot",
          "seriesOverrides": [],
          "spaceLength": 10,
          "span": 3,
          "stack": false,
          "steppedLine": false,
          "targets": [
              "alias": "总内存",
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.memory.total",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
              "alias": "已经使用",
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.memory.used.bytes",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "B",
              "timeField": "@timestamp"
          "thresholds": [],
          "timeFrom": null,
          "timeShift": null,
          "title": "内存",
          "tooltip": {
            "shared": true,
            "sort": 0,
            "value_type": "individual"
          "type": "graph",
          "xaxis": {
            "buckets": null,
            "mode": "time",
            "name": null,
            "show": true,
            "values": []
          "yaxes": [
              "decimals": null,
              "format": "decbytes",
              "label": null,
              "logBase": 1,
              "max": null,
              "min": "0",
              "show": true
              "format": "short",
              "label": null,
              "logBase": 1,
              "max": null,
              "min": null,
              "show": true
          "cacheTimeout": null,
          "colorBackground": false,
          "colorValue": true,
          "colors": [
            "rgba(237, 129, 40, 0.89)",
          "datasource": "监控运维",
          "decimals": 2,
          "format": "percentunit",
          "gauge": {
            "maxValue": 1,
            "minValue": 0,
            "show": true,
            "thresholdLabels": false,
            "thresholdMarkers": true
          "id": 3,
          "interval": null,
          "links": [],
          "mappingType": 1,
          "mappingTypes": [
              "name": "value to text",
              "value": 1
              "name": "range to text",
              "value": 2
          "maxDataPoints": 100,
          "nullPointMode": "connected",
          "nullText": null,
          "postfix": "",
          "postfixFontSize": "50%",
          "prefix": "",
          "prefixFontSize": "50%",
          "rangeMaps": [
              "from": "null",
              "text": "N/A",
              "to": "null"
          "span": 2,
          "sparkline": {
            "fillColor": "rgba(31, 118, 189, 0.18)",
            "full": false,
            "lineColor": "rgb(31, 120, 193)",
            "show": false
          "tableColumn": "",
          "targets": [
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.cpu.user.pct",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
          "thresholds": "0.8,0.9,1",
          "title": "CPU",
          "type": "singlestat",
          "valueFontSize": "80%",
          "valueMaps": [
              "op": "=",
              "text": "N/A",
              "value": "null"
          "valueName": "current"
          "cacheTimeout": null,
          "colorBackground": false,
          "colorValue": true,
          "colors": [
            "rgba(237, 129, 40, 0.89)",
          "datasource": "监控运维",
          "decimals": 2,
          "format": "percentunit",
          "gauge": {
            "maxValue": 1,
            "minValue": 0,
            "show": true,
            "thresholdLabels": false,
            "thresholdMarkers": true
          "id": 4,
          "interval": null,
          "links": [],
          "mappingType": 1,
          "mappingTypes": [
              "name": "value to text",
              "value": 1
              "name": "range to text",
              "value": 2
          "maxDataPoints": 100,
          "nullPointMode": "connected",
          "nullText": null,
          "postfix": "",
          "postfixFontSize": "50%",
          "prefix": "",
          "prefixFontSize": "50%",
          "rangeMaps": [
              "from": "null",
              "text": "N/A",
              "to": "null"
          "span": 2,
          "sparkline": {
            "fillColor": "rgba(31, 118, 189, 0.18)",
            "full": false,
            "lineColor": "rgb(31, 120, 193)",
            "show": false
          "tableColumn": "",
          "targets": [
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.memory.used.pct",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
          "thresholds": "0.70,0.8,0.9",
          "title": "内存使用量",
          "type": "singlestat",
          "valueFontSize": "80%",
          "valueMaps": [
              "op": "=",
              "text": "N/A",
              "value": "null"
          "valueName": "current"
          "cacheTimeout": null,
          "colorBackground": false,
          "colorValue": true,
          "colors": [
            "rgba(237, 129, 40, 0.89)",
          "datasource": "监控运维",
          "decimals": 2,
          "format": "percentunit",
          "gauge": {
            "maxValue": 1,
            "minValue": 0,
            "show": true,
            "thresholdLabels": false,
            "thresholdMarkers": true
          "id": 5,
          "interval": null,
          "links": [],
          "mappingType": 1,
          "mappingTypes": [
              "name": "value to text",
              "value": 1
              "name": "range to text",
              "value": 2
          "maxDataPoints": 100,
          "nullPointMode": "connected",
          "nullText": null,
          "postfix": "",
          "postfixFontSize": "50%",
          "prefix": "",
          "prefixFontSize": "50%",
          "rangeMaps": [
              "from": "null",
              "text": "N/A",
              "to": "null"
          "span": 2,
          "sparkline": {
            "fillColor": "rgba(31, 118, 189, 0.18)",
            "full": false,
            "lineColor": "rgb(31, 120, 193)",
            "show": false
          "tableColumn": "",
          "targets": [
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.filesystem.used.pct",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
          "thresholds": "0.8,0.9,1",
          "title": "硬盘使用量",
          "type": "singlestat",
          "valueFontSize": "80%",
          "valueMaps": [
              "op": "=",
              "text": "N/A",
              "value": "null"
          "valueName": "current"
      "repeat": null,
      "repeatIteration": null,
      "repeatRowId": null,
      "showTitle": false,
      "title": "Dashboard Row",
      "titleSize": "h6"
      "collapse": false,
      "height": 250,
      "panels": [
          "aliasColors": {},
          "bars": false,
          "dashLength": 10,
          "dashes": false,
          "datasource": "监控运维",
          "fill": 3,
          "id": 6,
          "legend": {
            "alignAsTable": false,
            "avg": false,
            "current": false,
            "max": false,
            "min": false,
            "show": false,
            "total": false,
            "values": false
          "lines": true,
          "linewidth": 2,
          "links": [],
          "nullPointMode": "connected",
          "percentage": false,
          "pointradius": 5,
          "points": false,
          "renderer": "flot",
          "seriesOverrides": [
              "alias": "Average system.network.out.bytes"
          "spaceLength": 10,
          "span": 12,
          "stack": false,
          "steppedLine": false,
          "targets": [
              "alias": "network in",
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.network.in.bytes",
                  "hide": true,
                  "id": "1",
                  "meta": {},
                  "pipelineAgg": "select metric",
                  "settings": {},
                  "type": "avg"
                  "field": "1",
                  "id": "3",
                  "meta": {},
                  "pipelineAgg": "1",
                  "settings": {},
                  "type": "derivative"
              "query": "beat.hostname:$Node AND !system.network.name:\"IBM USB Remote NDIS Network Device\"",
              "refId": "A",
              "timeField": "@timestamp"
              "alias": "network out",
              "bucketAggs": [
                  "field": "@timestamp",
                  "id": "2",
                  "settings": {
                    "interval": "auto",
                    "min_doc_count": 0,
                    "trimEdges": 0
                  "type": "date_histogram"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.network.out.bytes",
                  "hide": true,
                  "id": "1",
                  "meta": {},
                  "pipelineAgg": "select metric",
                  "settings": {},
                  "type": "avg"
                  "field": "1",
                  "id": "3",
                  "meta": {},
                  "pipelineAgg": "1",
                  "settings": {},
                  "type": "derivative"
              "query": "beat.hostname:$Node AND !system.network.name:\"IBM USB Remote NDIS Network Device\"",
              "refId": "B",
              "timeField": "@timestamp"
          "thresholds": [],
          "timeFrom": null,
          "timeShift": null,
          "title": "网络 In / Out",
          "tooltip": {
            "shared": true,
            "sort": 0,
            "value_type": "individual"
          "type": "graph",
          "xaxis": {
            "buckets": null,
            "mode": "time",
            "name": null,
            "show": true,
            "values": []
          "yaxes": [
              "format": "Bps",
              "label": null,
              "logBase": 1,
              "max": null,
              "min": "0",
              "show": true
              "format": "Bps",
              "label": null,
              "logBase": 1,
              "max": null,
              "min": "0",
              "show": true
      "repeat": null,
      "repeatIteration": null,
      "repeatRowId": null,
      "showTitle": false,
      "title": "Dashboard Row",
      "titleSize": "h6"
      "collapse": false,
      "height": 250,
      "panels": [
          "columns": [],
          "datasource": "监控运维",
          "fontSize": "100%",
          "id": 7,
          "links": [],
          "pageSize": 20,
          "scroll": true,
          "showHeader": true,
          "sort": {
            "col": null,
            "desc": false
          "span": 12,
          "styles": [
              "alias": "系统进程列表",
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "pattern": "system.process.name",
              "preserveFormat": false,
              "sanitize": false,
              "type": "string"
              "alias": "系统CPU资源占用",
              "colorMode": "value",
              "colors": [
                "rgba(50, 172, 45, 0.97)",
                "rgba(245, 54, 54, 0.9)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "Max system.process.cpu.total.pct",
              "thresholds": [
              "type": "number",
              "unit": "percent"
              "alias": "内存占用",
              "colorMode": null,
              "colors": [
                "rgba(50, 172, 45, 0.97)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(245, 54, 54, 0.9)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "Max system.process.memory.size",
              "thresholds": [
              "type": "number",
              "unit": "decbytes"
              "alias": "常驻内存",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "Max system.process.memory.rss.bytes",
              "thresholds": [],
              "type": "number",
              "unit": "decbytes"
              "alias": "共享内存",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "Max system.process.memory.share",
              "thresholds": [],
              "type": "number",
              "unit": "decbytes"
              "alias": "",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "decimals": 2,
              "pattern": "/.*/",
              "thresholds": [],
              "type": "number",
              "unit": "short"
          "targets": [
              "bucketAggs": [
                  "field": "system.process.name",
                  "id": "2",
                  "settings": {
                    "min_doc_count": 1,
                    "order": "desc",
                    "orderBy": "1",
                    "size": "10"
                  "type": "terms"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.process.cpu.total.pct",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
                  "field": "system.process.memory.size",
                  "id": "3",
                  "meta": {},
                  "settings": {},
                  "type": "max"
                  "field": "system.process.memory.rss.bytes",
                  "id": "4",
                  "meta": {},
                  "settings": {},
                  "type": "max"
                  "field": "system.process.memory.share",
                  "id": "5",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
          "title": "系统进程",
          "transform": "table",
          "type": "table"
      "repeat": null,
      "repeatIteration": null,
      "repeatRowId": null,
      "showTitle": false,
      "title": "Dashboard Row",
      "titleSize": "h6"
      "collapse": false,
      "height": 250,
      "panels": [
          "columns": [],
          "datasource": "监控运维",
          "fontSize": "100%",
          "id": 8,
          "links": [],
          "pageSize": null,
          "scroll": true,
          "showHeader": true,
          "sort": {
            "col": 1,
            "desc": true
          "span": 12,
          "styles": [
              "alias": "挂载分区",
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "pattern": "system.filesystem.mount_point",
              "type": "string"
              "alias": "剩余空间",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "system.filesystem.available",
              "thresholds": [],
              "type": "number",
              "unit": "decbytes"
              "alias": "使用空间",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "system.filesystem.used.bytes",
              "thresholds": [],
              "type": "number",
              "unit": "decbytes"
              "alias": "总共使用空间",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "decimals": 2,
              "pattern": "Max",
              "thresholds": [],
              "type": "number",
              "unit": "decbytes"
              "alias": "",
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              "decimals": 2,
              "pattern": "/.*/",
              "thresholds": [],
              "type": "number",
              "unit": "short"
          "targets": [
              "bucketAggs": [
                  "fake": true,
                  "field": "system.filesystem.mount_point",
                  "id": "3",
                  "settings": {
                    "min_doc_count": 1,
                    "order": "desc",
                    "orderBy": "_term",
                    "size": "5"
                  "type": "terms"
                  "fake": true,
                  "field": "system.filesystem.available",
                  "id": "4",
                  "settings": {
                    "min_doc_count": 1,
                    "order": "desc",
                    "orderBy": "_term",
                    "size": "1"
                  "type": "terms"
                  "field": "system.filesystem.used.bytes",
                  "id": "2",
                  "settings": {
                    "min_doc_count": 1,
                    "order": "desc",
                    "orderBy": "_term",
                    "size": "1"
                  "type": "terms"
              "dsType": "elasticsearch",
              "metrics": [
                  "field": "system.filesystem.total",
                  "id": "1",
                  "meta": {},
                  "settings": {},
                  "type": "max"
              "query": "beat.hostname:$Node",
              "refId": "A",
              "timeField": "@timestamp"
          "title": "硬盘",
          "transform": "table",
          "type": "table"
      "repeat": null,
      "repeatIteration": null,
      "repeatRowId": null,
      "showTitle": false,
      "title": "Dashboard Row",
      "titleSize": "h6"
  "schemaVersion": 14,
  "style": "dark",
  "tags": [],
  "templating": {
    "list": [
        "allValue": null,
        "current": {
          "text": "elastic",
          "value": "elastic"
        "datasource": "监控运维",
        "hide": 0,
        "includeAll": false,
        "label": null,
        "multi": false,
        "name": "Node",
        "options": [],
        "query": "{\"find\": \"terms\", \"field\": \"beat.hostname\"}",
        "refresh": 1,
        "regex": "",
        "sort": 0,
        "tagValuesQuery": "",
        "tags": [],
        "tagsQuery": "",
        "type": "query",
        "useTags": false
  "time": {
    "from": "2018-01-26T05:47:13.321Z",
    "to": "2018-01-26T08:27:13.321Z"
  "timepicker": {
    "refresh_intervals": [
    "time_options": [
  "timezone": "",
  "title": "Datababy",
  "version": 4




  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 199,711评论 5 468
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 83,932评论 2 376
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 146,770评论 0 330
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 53,799评论 1 271
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 62,697评论 5 359
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 48,069评论 1 276
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 37,535评论 3 390
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 36,200评论 0 254
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 40,353评论 1 294
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 35,290评论 2 317
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 37,331评论 1 329
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 33,020评论 3 315
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 38,610评论 3 303
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 29,694评论 0 19
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 30,927评论 1 255
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 42,330评论 2 346
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 41,904评论 2 341
