OpenTelemetry를 사용하여 자체 호스팅 Elasticsearch를 모니터링하세요.

OpenTelemetry Collector를 서버 또는 가상 머신에 직접 설치하여 자체 호스팅 Elasticsearch 클러스터를 모니터링하세요. 뉴렐릭은 도면 설정 및 모니터링 요구 사항에 맞는 유연한 구현, 배포 옵션을 제공합니다.

You can choose between three collector options:

NRDOT: 뉴럴릭 OpenTelemetry배포
OTel Collector Contrib: 커뮤니티에서 제공한 구성 요소를 포함하는 표준 OpenTelemetry Collector
Prometheus Receiver: For environments already running a Prometheus Elasticsearch exporter

설치 옵션

필요에 맞는 수집기 배포 방식을 선택하십시오.

시작하기 전에

Before configuring Elasticsearch monitoring with NRDOT, ensure you have:

NRDOT collector installed:

You must have NRDOT collector installed and running as a systemd service on your host
If not installed, follow the official NRDOT installation guide to install the collector using the package manager (DEB/RPM) which sets up the systemd service automatically
필요한 접근 권한:
너의 뉴렐릭
호스트 시스템에 대한 루트 또는 sudo 권한
monitor 또는 manage 클러스터 권한을 가진 Elasticsearch 클러스터 관리자 권한 (자세한 내용은 Elasticsearch 보안 권한 문서를 참조하십시오)
시스템 요구사항:
Elasticsearch 버전 7.16 이상 - 이 통합 기능을 사용하려면 최신 Elasticsearch 클러스터가 필요합니다.
네트워크 연결 - 뉴렐릭의 OTLP 수집 엔드포인트로의 아웃바운드 HTTPS(포트 443)
설정값이 준비되었습니다:
Elasticsearch 엔드포인트 - Elasticsearch 클러스터 URL(예: http://localhost:9200)
Cluster 이름 - 클러스터에 대한 고유한 클러스터 이름입니다.

Elasticsearch 모니터링을 구성합니다.

Once the NRDOT collector is installed, replace the collector's default configuration file with the Elasticsearch monitoring configuration. This will enable Elasticsearch metrics collection. Host metrics and logs are optional and can be added separately.

설정 파일의 위치는 다음과 같습니다. /etc/nrdot-collector/config.yaml

팁

기본 설정을 백업하세요: 설정 파일을 수정하기 전에 기본 설정을 보존하기 위해 백업 복사본을 만드세요.

bash

$sudo cp /etc/nrdot-collector/config.yaml /etc/nrdot-collector/config.yaml.backup

수집기를 구성하려면 다음 단계를 따르세요.

루트 또는 sudo 권한으로 텍스트 편집기를 사용하여 설정 파일을 엽니다.
bash
```
$sudo nano /etc/nrdot-collector/config.yaml
```

기존 콘텐츠를 모두 삭제하고 다음 Elasticsearch 모니터링 설정으로 교체하십시오.

중요

endpoint 값을 Elasticsearch 클러스터 입체포인트로 바꾸고 프로세서 블록의 elasticsearch.cluster.name 고유한 이름으로 업데이트하여 뉴렐릭에서 클러스터를 식별하세요.

receivers:
  elasticsearch:
    endpoint: "http://localhost:9200"
    collection_interval: 15s
    metrics:
      elasticsearch.os.cpu.usage:
        enabled: true
      elasticsearch.cluster.data_nodes:
        enabled: true
      elasticsearch.cluster.health:
        enabled: true
      elasticsearch.cluster.in_flight_fetch:
        enabled: true
      elasticsearch.cluster.nodes:
        enabled: true
      elasticsearch.cluster.pending_tasks:
        enabled: true
      elasticsearch.cluster.shards:
        enabled: true
      elasticsearch.cluster.state_update.time:
        enabled: true
      elasticsearch.index.documents:
        enabled: true
      elasticsearch.index.operations.merge.current:
        enabled: true
      elasticsearch.index.operations.time:
        enabled: true
      elasticsearch.node.cache.count:
        enabled: true
      elasticsearch.node.cache.evictions:
        enabled: true
      elasticsearch.node.cache.memory.usage:
        enabled: true
      elasticsearch.node.shards.size:
        enabled: true
      elasticsearch.node.cluster.io:
        enabled: true
      elasticsearch.node.documents:
        enabled: true
      elasticsearch.node.disk.io.read:
        enabled: true
      elasticsearch.node.disk.io.write:
        enabled: true
      elasticsearch.node.fs.disk.available:
        enabled: true
      elasticsearch.node.fs.disk.total:
        enabled: true
      elasticsearch.node.http.connections:
        enabled: true
      elasticsearch.node.ingest.documents.current:
        enabled: true
      elasticsearch.node.ingest.operations.failed:
        enabled: true
      elasticsearch.node.open_files:
        enabled: true
      elasticsearch.node.operations.completed:
        enabled: true
      elasticsearch.node.operations.current:
        enabled: true
      elasticsearch.node.operations.get.completed:
        enabled: true
      elasticsearch.node.operations.time:
        enabled: true
      elasticsearch.node.shards.reserved.size:
        enabled: true
      elasticsearch.index.shards.size:
        enabled: true
      elasticsearch.os.cpu.load_avg.1m:
        enabled: true
      elasticsearch.os.cpu.load_avg.5m:
        enabled: true
      elasticsearch.os.cpu.load_avg.15m:
        enabled: true
      elasticsearch.os.memory:
        enabled: true
      jvm.gc.collections.count:
        enabled: true
      jvm.gc.collections.elapsed:
        enabled: true
      jvm.memory.heap.max:
        enabled: true
      jvm.memory.heap.used:
        enabled: true
      jvm.memory.heap.utilization:
        enabled: true
      jvm.threads.count:
        enabled: true
      elasticsearch.index.segments.count:
        enabled: true
      elasticsearch.index.operations.completed:
        enabled: true
      elasticsearch.node.script.cache_evictions:
        enabled: false
      elasticsearch.node.cluster.connections:
        enabled: false
      elasticsearch.node.pipeline.ingest.documents.preprocessed:
        enabled: false
      elasticsearch.node.thread_pool.tasks.queued:
        enabled: false
      elasticsearch.cluster.published_states.full:
        enabled: false
      jvm.memory.pool.max:
        enabled: false
      elasticsearch.node.script.compilation_limit_triggered:
        enabled: false
      elasticsearch.node.shards.data_set.size:
        enabled: false
      elasticsearch.node.pipeline.ingest.documents.current:
        enabled: false
      elasticsearch.cluster.state_update.count:
        enabled: false
      elasticsearch.node.fs.disk.free:
        enabled: false
      jvm.memory.nonheap.used:
        enabled: false
      jvm.memory.pool.used:
        enabled: false
      elasticsearch.node.translog.size:
        enabled: false
      elasticsearch.node.thread_pool.threads:
        enabled: false
      elasticsearch.cluster.state_queue:
        enabled: false
      elasticsearch.node.translog.operations:
        enabled: false
      elasticsearch.memory.indexing_pressure:
        enabled: false
      elasticsearch.node.ingest.documents:
        enabled: false
      jvm.classes.loaded:
        enabled: false
      jvm.memory.heap.committed:
        enabled: false
      elasticsearch.breaker.memory.limit:
        enabled: false
      elasticsearch.indexing_pressure.memory.total.replica_rejections:
        enabled: false
      elasticsearch.breaker.memory.estimated:
        enabled: false
      elasticsearch.cluster.published_states.differences:
        enabled: false
      jvm.memory.nonheap.committed:
        enabled: false
      elasticsearch.node.translog.uncommitted.size:
        enabled: false
      elasticsearch.node.script.compilations:
        enabled: false
      elasticsearch.node.pipeline.ingest.operations.failed:
        enabled: false
      elasticsearch.indexing_pressure.memory.limit:
        enabled: false
      elasticsearch.breaker.tripped:
        enabled: false
      elasticsearch.indexing_pressure.memory.total.primary_rejections:
        enabled: false
      elasticsearch.node.thread_pool.tasks.finished:
        enabled: false
processors:
  memory_limiter:
    check_interval: 60s
    limit_mib: ${env:NEW_RELIC_MEMORY_LIMIT_MIB:-100}
  cumulativetodelta: {}
  attributes/cluster_state_aggregate:
    include:
      match_type: strict
      metric_names:
        - elasticsearch.cluster.state_update.time
    actions:
      - key: type
        action: delete
      - key: state
        action: delete
  filter/critical_operations:
    metrics:
      datapoint:
        # Filters to keep only: query, index, get, merge
        # Affects only 4 metrics: *.operations.completed and *.operations.time
        # All other metrics pass through unchanged
        - 'attributes["operation"] == "query" or attributes["operation"] == "index" or attributes["operation"] == "get" or attributes["operation"] == "merge" or attributes["operation"] == nil'
  resource/cluster_name_override:
    attributes:
      - key: elasticsearch.cluster.name
        value: "<elasticsearch-cluster-name>"
        action: upsert
  resourcedetection:
    detectors: [ system ]
    system:
      resource_attributes:
        host.name:
          enabled: true
        host.id:
          enabled: true
        os.type:
          enabled: true
  batch:
    timeout: 30s
    send_batch_size: 2048
    send_batch_max_size: 4096
  attributes/cardinality_reduction:
    actions:
      - key: process.pid
        action: delete
      - key: process.parent_pid
        action: delete
  transform/metadata_nullify:
    metric_statements:
      - context: metric
        statements:
          - set(description, "")
          - set(unit, "")
exporters:
  otlphttp:
    endpoint: ${env:NEWRELIC_OTLP_ENDPOINT}
    headers:
      api-key: ${env:NEWRELIC_LICENSE_KEY}
    compression: gzip
    timeout: 30s
    retry_on_failure:
      enabled: true
      initial_interval: 5s
      max_interval: 30s
      max_elapsed_time: 300s
service:
  pipelines:
    metrics/elasticsearch:
      receivers: [elasticsearch]
      processors: [memory_limiter, resourcedetection, resource/cluster_name_override, attributes/cardinality_reduction, filter/critical_operations, attributes/cluster_state_aggregate, cumulativetodelta, transform/metadata_nullify, batch]
      exporters: [otlphttp]

(선택 사항) 인증 및 SSL을 사용하는 보안 Elasticsearch 의 경우 수신자 설정을 수정하십시오.

receivers:
  elasticsearch:
    endpoint: "https://localhost:9200"
    username: "your_elasticsearch_username"
    password: "your_elasticsearch_password"
    tls:
      ca_file: "/etc/elasticsearch/certs/http_ca.crt"
      insecure_skip_verify: false
    collection_interval: 15s

(선택 사항) 호스트 메트릭을 수집하려면 hostmetrics 수신기를 추가하세요.

receivers:
  hostmetrics:
    collection_interval: 60s
    scrapers:
      cpu:
        metrics:
          system.cpu.utilization: {enabled: true}
          system.cpu.time: {enabled: true}
      load:
        metrics:
          system.cpu.load_average.1m: {enabled: true}
          system.cpu.load_average.5m: {enabled: true}
          system.cpu.load_average.15m: {enabled: true}
      memory:
        metrics:
          system.memory.usage: {enabled: true}
          system.memory.utilization: {enabled: true}
      disk:
        metrics:
          system.disk.io: {enabled: true}
          system.disk.operations: {enabled: true}
      filesystem:
        metrics:
          system.filesystem.usage: {enabled: true}
          system.filesystem.utilization: {enabled: true}
      network:
        metrics:
          system.network.io: {enabled: true}
          system.network.packets: {enabled: true}
      process:
        metrics:
          process.cpu.utilization:
            enabled: true

그리고 서비스 파이프라인에 다음을 추가하세요:

service:
  pipelines:
    metrics/host:
      receivers: [hostmetrics]
      processors: [memory_limiter, resourcedetection, batch]
      exporters: [otlphttp]

(Optional) To collect Elasticsearch logs, add the filelog receiver. Ensure the user running the collector service (nrdot-collector) has read access to your Elasticsearch log files:

Elasticsearch를 Linux(호스트)에서 실행하는 경우:

receivers:
  filelog:
    include:
      - /var/log/elasticsearch/elasticsearch.log
      - /var/log/elasticsearch/*.log

도커에서 Elasticsearch 실행하는 경우:

receivers:
  filelog:
    include:
      - /var/lib/docker/containers/*/*.log
    operators:
      - type: move
        from: attributes.log
        to: body

그리고 서비스 파이프라인에 다음을 추가하세요:

service:
  pipelines:
    logs:
      receivers: [filelog]
      processors: [resource/cluster_name_override]
      exporters: [otlphttp]

(선택 사항) 메트릭에 사용자 지정 메타데이터 태그를 추가하려면 resource/static_override 프로세서를 사용하세요.

processors:
  resource/static_override:
    attributes:
      - key: env
        value: "production"
        action: upsert
service:
  pipelines:
    metrics/elasticsearch:
      receivers: [elasticsearch]
      processors: [memory_limiter, resourcedetection, resource/cluster_name_override, resource/static_override, attributes/cardinality_reduction, cumulativetodelta, transform/metadata_nullify, batch]
      exporters: [otlphttp]

설정 파일을 저장합니다.
환경 변수를 설정하세요:
systemd 오버라이드 디렉터리를 생성합니다.
bash
```
$sudo mkdir -p /etc/systemd/system/nrdot-collector.service.d
```
환경 설정 파일을 생성합니다.
bash
```
$cat <<EOF | sudo tee /etc/systemd/system/nrdot-collector.service.d/environment.conf
$[Service]
$Environment="NEWRELIC_OTLP_ENDPOINT=https://otlp.nr-data.net:4318"
$Environment="NEWRELIC_LICENSE_KEY=YOUR_LICENSE_KEY_HERE"
$Environment="NEW_RELIC_MEMORY_LIMIT_MIB=100"
$EOF
```
설정값을 사용자 값으로 업데이트하세요:
- https://otlp.nr-data.net:4318 해당 지역의 엔드포인트로 바꾸세요.
- YOUR_LICENSE_KEY_HERE 실제 뉴웰 클러스터 키로 바꾸세요.
- 100 수집기에 사용할 원하는 메모리 제한(MiB 단위)으로 바꾸십시오(기본값: 100MiB). 사용 환경의 필요에 따라 조정하십시오.
변경 사항을 적용하려면 NRDOT 수집기를 다시 시작하십시오.
bash
```
$sudo systemctl daemon-reload
$sudo systemctl restart nrdot-collector.service
```

데이터 수집 확인

Verify that the NRDOT collector is running and collecting data without errors:

수집기 서비스 상태를 확인하세요:
bash
```
$sudo systemctl status nrdot-collector.service
```
수집기 로그를 모니터링하여 오류가 있는지 확인하십시오.
bash
```
$sudo journalctl -u nrdot-collector.service -f
```
Elasticsearch 및 뉴럴릭과의 성공적인 연결을 찾아보세요. 오류가 발생하는 경우 문제 해결, 해결 가이드를 참조하세요.

시작하기 전에

OTel Collector Contrib을 구성하기 전에 다음 사항을 확인하십시오.

필요한 접근 권한:

너의 뉴렐릭
호스트 시스템에 대한 루트 또는 sudo 권한
monitor 또는 manage 클러스터 권한을 가진 Elasticsearch 클러스터 관리자 권한 (자세한 내용은 Elasticsearch 보안 권한 문서를 참조하십시오)
시스템 요구사항:
Elasticsearch 버전 7.16 이상 - 이 통합 기능을 사용하려면 최신 Elasticsearch 클러스터가 필요합니다.
네트워크 연결 - 뉴렐릭의 OTLP 수집 엔드포인트로의 아웃바운드 HTTPS(포트 443)
설정값이 준비되었습니다:
Elasticsearch 엔드포인트 - Elasticsearch 클러스터 URL(예: http://localhost:9200)
Cluster 이름 - 클러스터에 대한 고유한 클러스터 이름입니다.
중요
진행하기 전에 호스트에 OpenTelemetry Collector Contrib이 설치되어 있어야 합니다. systemd 서비스 유닛이 올바르게 생성되도록 공식 패키지(.deb 또는 .rpm)를 통해 설치하는 것을 권장합니다.

Elasticsearch 모니터링을 구성합니다.

OTel Collector Contrib이 설치되면 수집기의 기본 설정 파일을 Elasticsearch 모델링 설정으로 바꿉니다. 이렇게 하면 Elasticsearch 메트릭 수집이 가능해집니다. 호스트 메트릭 및 로그는 선택 사항이며 별도로 추가할 수 있습니다.

설정 파일의 위치는 다음과 같습니다. /etc/otelcol-contrib/config.yaml

팁

기본 설정을 백업하세요: 설정 파일을 수정하기 전에 기본 설정을 보존하기 위해 백업 복사본을 만드세요.

bash

$sudo cp /etc/otelcol-contrib/config.yaml /etc/otelcol-contrib/config.yaml.backup

수집기를 구성하려면 다음 단계를 따르세요.

루트 또는 sudo 권한으로 텍스트 편집기를 사용하여 설정 파일을 엽니다.
bash
```
$sudo nano /etc/otelcol-contrib/config.yaml
```

기존 콘텐츠를 모두 삭제하고 다음 Elasticsearch 모니터링 설정으로 교체하십시오.

중요

receivers:
  elasticsearch:
    endpoint: "http://localhost:9200"
    collection_interval: 15s
    metrics:
      elasticsearch.os.cpu.usage:
        enabled: true
      elasticsearch.cluster.data_nodes:
        enabled: true
      elasticsearch.cluster.health:
        enabled: true
      elasticsearch.cluster.in_flight_fetch:
        enabled: true
      elasticsearch.cluster.nodes:
        enabled: true
      elasticsearch.cluster.pending_tasks:
        enabled: true
      elasticsearch.cluster.shards:
        enabled: true
      elasticsearch.cluster.state_update.time:
        enabled: true
      elasticsearch.index.documents:
        enabled: true
      elasticsearch.index.operations.merge.current:
        enabled: true
      elasticsearch.index.operations.time:
        enabled: true
      elasticsearch.node.cache.count:
        enabled: true
      elasticsearch.node.cache.evictions:
        enabled: true
      elasticsearch.node.cache.memory.usage:
        enabled: true
      elasticsearch.node.shards.size:
        enabled: true
      elasticsearch.node.cluster.io:
        enabled: true
      elasticsearch.node.documents:
        enabled: true
      elasticsearch.node.disk.io.read:
        enabled: true
      elasticsearch.node.disk.io.write:
        enabled: true
      elasticsearch.node.fs.disk.available:
        enabled: true
      elasticsearch.node.fs.disk.total:
        enabled: true
      elasticsearch.node.http.connections:
        enabled: true
      elasticsearch.node.ingest.documents.current:
        enabled: true
      elasticsearch.node.ingest.operations.failed:
        enabled: true
      elasticsearch.node.open_files:
        enabled: true
      elasticsearch.node.operations.completed:
        enabled: true
      elasticsearch.node.operations.current:
        enabled: true
      elasticsearch.node.operations.get.completed:
        enabled: true
      elasticsearch.node.operations.time:
        enabled: true
      elasticsearch.node.shards.reserved.size:
        enabled: true
      elasticsearch.index.shards.size:
        enabled: true
      elasticsearch.os.cpu.load_avg.1m:
        enabled: true
      elasticsearch.os.cpu.load_avg.5m:
        enabled: true
      elasticsearch.os.cpu.load_avg.15m:
        enabled: true
      elasticsearch.os.memory:
        enabled: true
      jvm.gc.collections.count:
        enabled: true
      jvm.gc.collections.elapsed:
        enabled: true
      jvm.memory.heap.max:
        enabled: true
      jvm.memory.heap.used:
        enabled: true
      jvm.memory.heap.utilization:
        enabled: true
      jvm.threads.count:
        enabled: true
      elasticsearch.index.segments.count:
        enabled: true
      elasticsearch.index.operations.completed:
        enabled: true
      elasticsearch.node.script.cache_evictions:
        enabled: false
      elasticsearch.node.cluster.connections:
        enabled: false
      elasticsearch.node.pipeline.ingest.documents.preprocessed:
        enabled: false
      elasticsearch.node.thread_pool.tasks.queued:
        enabled: false
      elasticsearch.cluster.published_states.full:
        enabled: false
      jvm.memory.pool.max:
        enabled: false
      elasticsearch.node.script.compilation_limit_triggered:
        enabled: false
      elasticsearch.node.shards.data_set.size:
        enabled: false
      elasticsearch.node.pipeline.ingest.documents.current:
        enabled: false
      elasticsearch.cluster.state_update.count:
        enabled: false
      elasticsearch.node.fs.disk.free:
        enabled: false
      jvm.memory.nonheap.used:
        enabled: false
      jvm.memory.pool.used:
        enabled: false
      elasticsearch.node.translog.size:
        enabled: false
      elasticsearch.node.thread_pool.threads:
        enabled: false
      elasticsearch.cluster.state_queue:
        enabled: false
      elasticsearch.node.translog.operations:
        enabled: false
      elasticsearch.memory.indexing_pressure:
        enabled: false
      elasticsearch.node.ingest.documents:
        enabled: false
      jvm.classes.loaded:
        enabled: false
      jvm.memory.heap.committed:
        enabled: false
      elasticsearch.breaker.memory.limit:
        enabled: false
      elasticsearch.indexing_pressure.memory.total.replica_rejections:
        enabled: false
      elasticsearch.breaker.memory.estimated:
        enabled: false
      elasticsearch.cluster.published_states.differences:
        enabled: false
      jvm.memory.nonheap.committed:
        enabled: false
      elasticsearch.node.translog.uncommitted.size:
        enabled: false
      elasticsearch.node.script.compilations:
        enabled: false
      elasticsearch.node.pipeline.ingest.operations.failed:
        enabled: false
      elasticsearch.indexing_pressure.memory.limit:
        enabled: false
      elasticsearch.breaker.tripped:
        enabled: false
      elasticsearch.indexing_pressure.memory.total.primary_rejections:
        enabled: false
      elasticsearch.node.thread_pool.tasks.finished:
        enabled: false
processors:
  memory_limiter:
    check_interval: 60s
    limit_mib: ${env:NEW_RELIC_MEMORY_LIMIT_MIB:-100}
  cumulativetodelta: {}
  resource/cluster_name_override:
    attributes:
      - key: elasticsearch.cluster.name
        value: "<elasticsearch-cluster-name>"
        action: upsert
  resourcedetection:
    detectors: [ system ]
    system:
      resource_attributes:
        host.name:
          enabled: true
        host.id:
          enabled: true
        os.type:
          enabled: true
  batch:
    timeout: 10s
    send_batch_size: 1024
  attributes/cardinality_reduction:
    actions:
      - key: process.pid
        action: delete
      - key: process.parent_pid
        action: delete
  transform/metadata_nullify:
    metric_statements:
      - context: metric
        statements:
          - set(description, "")
          - set(unit, "")
exporters:
  otlphttp:
    endpoint: ${env:NEWRELIC_OTLP_ENDPOINT}
    headers:
      api-key: ${env:NEWRELIC_LICENSE_KEY}
service:
  pipelines:
    metrics/elasticsearch:
      receivers: [elasticsearch]
      processors: [memory_limiter, resourcedetection, resource/cluster_name_override, attributes/cardinality_reduction, cumulativetodelta, transform/metadata_nullify, batch]
      exporters: [otlphttp]

(선택 사항) 인증 및 SSL을 사용하는 보안 Elasticsearch 의 경우 수신자 설정을 수정하십시오.

receivers:
  elasticsearch:
    endpoint: "https://localhost:9200"
    username: "your_elasticsearch_username"
    password: "your_elasticsearch_password"
    tls:
      ca_file: "/etc/elasticsearch/certs/http_ca.crt"
      insecure_skip_verify: false
    collection_interval: 15s

(선택 사항) 호스트 메트릭을 수집하려면 hostmetrics 수신기를 추가하세요.

receivers:
  hostmetrics:
    collection_interval: 60s
    scrapers:
      cpu:
        metrics:
          system.cpu.utilization: {enabled: true}
          system.cpu.time: {enabled: true}
      load:
        metrics:
          system.cpu.load_average.1m: {enabled: true}
          system.cpu.load_average.5m: {enabled: true}
          system.cpu.load_average.15m: {enabled: true}
      memory:
        metrics:
          system.memory.usage: {enabled: true}
          system.memory.utilization: {enabled: true}
      disk:
        metrics:
          system.disk.io: {enabled: true}
          system.disk.operations: {enabled: true}
      filesystem:
        metrics:
          system.filesystem.usage: {enabled: true}
          system.filesystem.utilization: {enabled: true}
      network:
        metrics:
          system.network.io: {enabled: true}
          system.network.packets: {enabled: true}
      process:
        metrics:
          process.cpu.utilization:
            enabled: true

그리고 서비스 파이프라인에 다음을 추가하세요:

service:
  pipelines:
    metrics/host:
      receivers: [hostmetrics]
      processors: [memory_limiter, resourcedetection, batch]
      exporters: [otlphttp]

(선택 사항) Elasticsearch 로그를 수집하려면 filelog 수신기를 추가하세요. 수집기 서비스(otelcol-contrib)를 실행하는 사용자에게 Elasticsearch 로그 파일에 대한 읽기 권한이 있는지 확인하십시오.

Elasticsearch를 Linux(호스트)에서 실행하는 경우:

receivers:
  filelog:
    include:
      - /var/log/elasticsearch/elasticsearch.log
      - /var/log/elasticsearch/*.log

도커에서 Elasticsearch 실행하는 경우:

receivers:
  filelog:
    include:
      - /var/lib/docker/containers/*/*.log
    operators:
      - type: move
        from: attributes.log
        to: body

그리고 서비스 파이프라인에 다음을 추가하세요:

service:
  pipelines:
    logs:
      receivers: [filelog]
      processors: [resource/cluster_name_override]
      exporters: [otlphttp]

(선택 사항) 메트릭에 사용자 지정 메타데이터 태그를 추가하려면 resource/static_override 프로세서를 사용하세요.

processors:
  resource/static_override:
    attributes:
      - key: env
        value: "production"
        action: upsert
service:
  pipelines:
    metrics/elasticsearch:
      receivers: [elasticsearch]
      processors: [memory_limiter, resourcedetection, resource/cluster_name_override, resource/static_override, attributes/cardinality_reduction, cumulativetodelta, transform/metadata_nullify, batch]
      exporters: [otlphttp]

설정 파일을 저장합니다.
환경 변수를 설정하세요:
systemd 오버라이드 디렉터리를 생성합니다.
bash
```
$sudo mkdir -p /etc/systemd/system/otelcol-contrib.service.d
```
환경 설정 파일을 생성합니다.
bash
```
$cat <<EOF | sudo tee /etc/systemd/system/otelcol-contrib.service.d/environment.conf
$[Service]
$Environment="NEWRELIC_OTLP_ENDPOINT=https://otlp.nr-data.net:4318"
$Environment="NEWRELIC_LICENSE_KEY=YOUR_LICENSE_KEY_HERE"
$Environment="NEW_RELIC_MEMORY_LIMIT_MIB=100"
$EOF
```
설정값을 사용자 값으로 업데이트하세요:
- https://otlp.nr-data.net:4318 해당 지역의 엔드포인트로 바꾸세요.
- YOUR_LICENSE_KEY_HERE 실제 뉴웰 클러스터 키로 바꾸세요.
- 100 수집기에 사용할 원하는 메모리 제한(MiB 단위)으로 바꾸십시오(기본값: 100MiB). 사용 환경의 필요에 따라 조정하십시오.
변경 사항을 적용하려면 OTel Collector Contrib를 다시 시작하십시오.
bash
```
$sudo systemctl daemon-reload
$sudo systemctl restart otelcol-contrib.service
```

데이터 수집 확인

OTel Collector Contrib이 오류 없이 실행 중이며 데이터를 수집하고 있는지 확인하십시오.

수집기 서비스 상태를 확인하세요:
bash
```
$sudo systemctl status otelcol-contrib.service
```
수집기 로그를 모니터링하여 오류가 있는지 확인하십시오.
bash
```
$sudo journalctl -u otelcol-contrib.service -f
```
Elasticsearch 및 뉴럴릭과의 성공적인 연결을 찾아보세요. 오류가 발생하는 경우 문제 해결, 해결 가이드를 참조하세요.

Use this approach if you already have a Prometheus Elasticsearch exporter running in your environment, or if you're migrating from a Prometheus-based monitoring stack.

팁

Recommended: If you don't already have a Prometheus exporter running, use the NRDOT Collector or OTel Collector Contrib tabs instead. They connect directly to the Elasticsearch API without needing an additional exporter component.

Install and configure the Elasticsearch exporter

The Prometheus Elasticsearch exporter exposes Elasticsearch metrics in Prometheus format on port 9114.

Download the latest release:

bash

$wget https://github.com/prometheus-community/elasticsearch_exporter/releases/download/v1.8.0/elasticsearch_exporter-1.8.0.linux-amd64.tar.gz
$tar xzf elasticsearch_exporter-*.tar.gz
$cd elasticsearch_exporter-*

Start the exporter (point it to your Elasticsearch instance):
bash
```
$./elasticsearch_exporter --es.uri=http://localhost:9200
```
팁
For secured Elasticsearch, use: --es.uri=https://username:password@localhost:9200 --es.ssl-skip-verify
Verify the exporter is running:
bash
```
$curl http://localhost:9114/metrics | grep elasticsearch_cluster_health
```
You should see Prometheus-formatted metrics like elasticsearch_cluster_health_status, elasticsearch_cluster_health_number_of_nodes, etc.

수집기 구성

This configuration works with both NRDOT and OTel Collector Contrib. Place it in the appropriate config location for your collector:

NRDOT: /etc/nrdot-collector/config.yaml

OTel Collector Contrib: /etc/otelcol-contrib/config.yaml

If you don't have a collector installed yet, follow the installation steps in the NRDOT Collector or OTel Collector Contrib tabs above first, then return here to apply this configuration.

This configuration scrapes metrics from the Elasticsearch exporter and translates them to OpenTelemetry-compatible metric names that power the New Relic Elasticsearch dashboard.

receivers:
  prometheus/elasticsearch:
    config:
      scrape_configs:
        - job_name: 'elasticsearch'
          scrape_interval: 15s
          static_configs:
            - targets: ['localhost:9114']  # <-- elasticsearch_exporter address

processors:
  memory_limiter:
    check_interval: 60s
    limit_mib: ${env:NEW_RELIC_MEMORY_LIMIT_MIB:-100}

  metricstransform/prom_to_otel:
    transforms:
      - include: ^elasticsearch_cluster_health_number_of_data_nodes$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.data_nodes
      - include: ^elasticsearch_cluster_health_status$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.health
        operations:
          - action: update_label
            label: color
            new_label: status
      - include: ^elasticsearch_cluster_health_number_of_in_flight_fetch$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.in_flight_fetch
      - include: ^elasticsearch_cluster_health_number_of_nodes$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.nodes
      - include: ^elasticsearch_cluster_health_number_of_pending_tasks$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.pending_tasks
      - include: ^elasticsearch_cluster_health_active_shards$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.shards
        operations:
          - action: add_label
            new_label: state
            new_value: active
      - include: ^elasticsearch_cluster_health_active_primary_shards$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.shards
        operations:
          - action: add_label
            new_label: state
            new_value: active_primary
      - include: ^elasticsearch_cluster_health_initializing_shards$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.shards
        operations:
          - action: add_label
            new_label: state
            new_value: initializing
      - include: ^elasticsearch_cluster_health_relocating_shards$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.shards
        operations:
          - action: add_label
            new_label: state
            new_value: relocating
      - include: ^elasticsearch_cluster_health_unassigned_shards$
        match_type: regexp
        action: update
        new_name: elasticsearch.cluster.shards
        operations:
          - action: add_label
            new_label: state
            new_value: unassigned
      - include: ^elasticsearch_indices_docs$
        match_type: regexp
        action: insert
        new_name: elasticsearch.node.documents
        operations:
          - action: add_label
            new_label: state
            new_value: active
      - include: ^elasticsearch_indices_docs$
        match_type: regexp
        action: insert
        new_name: elasticsearch.index.documents
        operations:
          - action: add_label
            new_label: state
            new_value: active
          - action: add_label
            new_label: aggregation
            new_value: primary_shards
          - action: add_label
            new_label: elasticsearch.index.name
            new_value: _all
      - include: ^elasticsearch_indices_docs_deleted$
        match_type: regexp
        action: insert
        new_name: elasticsearch.node.documents
        operations:
          - action: add_label
            new_label: state
            new_value: deleted
      - include: ^elasticsearch_indices_fielddata_evictions$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.cache.evictions
        operations:
          - action: add_label
            new_label: cache_name
            new_value: fielddata
      - include: ^elasticsearch_indices_query_cache_evictions$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.cache.evictions
        operations:
          - action: add_label
            new_label: cache_name
            new_value: query
      - include: ^elasticsearch_indices_fielddata_memory_size_bytes$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.cache.memory.usage
        operations:
          - action: add_label
            new_label: cache_name
            new_value: fielddata
      - include: ^elasticsearch_indices_query_cache_memory_size_bytes$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.cache.memory.usage
        operations:
          - action: add_label
            new_label: cache_name
            new_value: query
      - include: ^elasticsearch_transport_rx_size_bytes_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.cluster.io
        operations:
          - action: add_label
            new_label: direction
            new_value: received
      - include: ^elasticsearch_transport_tx_size_bytes_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.cluster.io
        operations:
          - action: add_label
            new_label: direction
            new_value: sent
      - include: ^elasticsearch_filesystem_data_available_bytes$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.fs.disk.available
      - include: ^elasticsearch_filesystem_data_size_bytes$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.fs.disk.total
      - include: ^elasticsearch_process_open_files_count$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.open_files
      - include: ^elasticsearch_indices_indexing_index_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.operations.completed
        operations:
          - action: add_label
            new_label: operation
            new_value: index
      - include: ^elasticsearch_indices_search_query_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.operations.completed
        operations:
          - action: add_label
            new_label: operation
            new_value: query
      - include: ^elasticsearch_indices_get_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.operations.completed
        operations:
          - action: add_label
            new_label: operation
            new_value: get
      - include: ^elasticsearch_indices_merges_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.operations.completed
        operations:
          - action: add_label
            new_label: operation
            new_value: merge
      - include: ^elasticsearch_indices_indexing_index_time_seconds_total$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.operations.time
        operations:
          - action: add_label
            new_label: operation
            new_value: index
          - action: experimental_scale_value
            experimental_scale: 1000
      - include: ^elasticsearch_indices_search_query_time_seconds$
        match_type: regexp
        action: update
        new_name: elasticsearch.node.operations.time
        operations:
          - action: add_label
            new_label: operation
            new_value: query
          - action: experimental_scale_value
            experimental_scale: 1000
      - include: ^elasticsearch_thread_pool_active_count$
        match_type: regexp
        action: insert
        new_name: elasticsearch.node.operations.current
        operations:
          - action: update_label
            label: type
            new_label: operation
      - include: ^elasticsearch_os_cpu_percent$
        match_type: regexp
        action: update
        new_name: elasticsearch.os.cpu.usage
      - include: ^elasticsearch_os_load1$
        match_type: regexp
        action: update
        new_name: elasticsearch.os.cpu.load_avg.1m
      - include: ^elasticsearch_os_load5$
        match_type: regexp
        action: update
        new_name: elasticsearch.os.cpu.load_avg.5m
      - include: ^elasticsearch_os_load15$
        match_type: regexp
        action: update
        new_name: elasticsearch.os.cpu.load_avg.15m
      - include: ^elasticsearch_jvm_gc_collection_seconds_count$
        match_type: regexp
        action: update
        new_name: jvm.gc.collections.count
      - include: ^elasticsearch_jvm_gc_collection_seconds_sum$
        match_type: regexp
        action: update
        new_name: jvm.gc.collections.elapsed
        operations:
          - action: experimental_scale_value
            experimental_scale: 1000
      - include: ^elasticsearch_jvm_memory_max_bytes$
        match_type: regexp
        action: update
        new_name: jvm.memory.heap.max
      - include: ^elasticsearch_jvm_memory_used_bytes$
        match_type: regexp
        action: update
        new_name: jvm.memory.heap.used
      - include: ^elasticsearch_thread_pool_threads_count$
        match_type: regexp
        action: update
        new_name: jvm.threads.count
        operations:
          - action: aggregate_labels
            label_set: [name, cluster]
            aggregation_type: sum
      - include: ^elasticsearch_indices_segments_count$
        match_type: regexp
        action: update
        new_name: elasticsearch.index.segments.count

  filter/allowed_metrics:
    metrics:
      include:
        match_type: strict
        metric_names:
          - elasticsearch.cluster.data_nodes
          - elasticsearch.cluster.health
          - elasticsearch.cluster.in_flight_fetch
          - elasticsearch.cluster.nodes
          - elasticsearch.cluster.pending_tasks
          - elasticsearch.cluster.shards
          - elasticsearch.index.documents
          - elasticsearch.index.segments.count
          - elasticsearch.node.cache.evictions
          - elasticsearch.node.cache.memory.usage
          - elasticsearch.node.cluster.io
          - elasticsearch.node.documents
          - elasticsearch.node.fs.disk.available
          - elasticsearch.node.fs.disk.total
          - elasticsearch.node.open_files
          - elasticsearch.node.operations.completed
          - elasticsearch.node.operations.current
          - elasticsearch.node.operations.time
          - elasticsearch.os.cpu.usage
          - elasticsearch.os.cpu.load_avg.1m
          - elasticsearch.os.cpu.load_avg.5m
          - elasticsearch.os.cpu.load_avg.15m
          - jvm.gc.collections.count
          - jvm.gc.collections.elapsed
          - jvm.memory.heap.max
          - jvm.memory.heap.used
          - jvm.threads.count

  transform/rename_node_name:
    metric_statements:
      - context: datapoint
        statements:
          - set(attributes["elasticsearch.node.name"], attributes["name"]) where attributes["name"] != nil
          - delete_key(attributes, "name") where attributes["elasticsearch.node.name"] != nil

  groupbyattrs/node:
    keys:
      - elasticsearch.node.name
      - elasticsearch.cluster.name

  cumulativetodelta: {}

  resource/cluster_name_override:
    attributes:
      - key: elasticsearch.cluster.name
        value: "<elasticsearch-cluster-name>"
        action: upsert

  transform/scope_override:
    metric_statements:
      - context: scope
        statements:
          - set(name, "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/elasticsearchreceiver")
          - set(version, "")

  resourcedetection:
    detectors: [system]
    system:
      resource_attributes:
        host.name:
          enabled: true
        host.id:
          enabled: true
        os.type:
          enabled: true

  batch:
    timeout: 30s
    send_batch_size: 2048
    send_batch_max_size: 4096

  attributes/cardinality_reduction:
    actions:
      - key: process.pid
        action: delete
      - key: process.parent_pid
        action: delete

  transform/metadata_nullify:
    metric_statements:
      - context: metric
        statements:
          - set(description, "")
          - set(unit, "")

exporters:
  otlphttp:
    endpoint: ${env:NEWRELIC_OTLP_ENDPOINT}
    headers:
      api-key: ${env:NEWRELIC_LICENSE_KEY}
    compression: gzip
    timeout: 30s
    retry_on_failure:
      enabled: true
      initial_interval: 5s
      max_interval: 30s
      max_elapsed_time: 300s

service:
  pipelines:
    metrics/elasticsearch:
      receivers: [prometheus/elasticsearch]
      processors:
        - memory_limiter
        - metricstransform/prom_to_otel
        - filter/allowed_metrics
        - transform/rename_node_name
        - groupbyattrs/node
        - transform/scope_override
        - resourcedetection
        - resource/cluster_name_override
        - attributes/cardinality_reduction
        - cumulativetodelta
        - transform/metadata_nullify
        - batch
      exporters: [otlphttp]

Replace the following values in the configuration:

<elasticsearch-cluster-name>: Your Elasticsearch cluster name for identification in New Relic.
localhost:9114: The address of your elasticsearch_exporter if running on a different host or port.

Set up environment variables

Create a systemd override to inject the required environment variables. Replace <collector-service> with your collector service name (nrdot-collector or otelcol-contrib):

bash

$sudo mkdir -p /etc/systemd/system/<collector-service>.service.d

Create the file /etc/systemd/system/<collector-service>.service.d/environment.conf:

[Service]
Environment="NEWRELIC_OTLP_ENDPOINT=https://otlp.nr-data.net:4318"
Environment="NEWRELIC_LICENSE_KEY=YOUR_NEWRELIC_LICENSE_KEY"
Environment="NEW_RELIC_MEMORY_LIMIT_MIB=100"

YOUR_NEWRELIC_LICENSE_KEY 로 바꾸세요.

팁

For EU accounts, use NEWRELIC_OTLP_ENDPOINT=https://otlp.eu01.nr-data.net:4318

수집기를 시작하세요

Replace <collector-service> with your collector service name (nrdot-collector or otelcol-contrib):

bash

$sudo systemctl daemon-reload
$sudo systemctl enable <collector-service>
$sudo systemctl restart <collector-service>

Check the collector status:

bash

$sudo systemctl status <collector-service>
$sudo journalctl -u <collector-service> -f

뉴렐릭에서 데이터 확인

After a few minutes, verify that data is flowing to New Relic:

FROM Metric SELECT count(*)
WHERE metricName LIKE 'elasticsearch.%'
AND elasticsearch.cluster.name = '<elasticsearch-cluster-name>'
SINCE 10 minutes ago

팁

APM과 Elasticsearch 연동: APM 애플리케이션과 Elasticsearch 클러스터를 연결하려면 APM 메트릭에 리소스 속성 es.cluster.name="your-cluster-name" 포함하세요. 이를 통해 서비스 간 가시성과 문제 해결 속도가 빨라지고 뉴렐릭 내에서 문제가 해결됩니다.

Elasticsearch 데이터를 확인하세요

수집기가 실행되고 데이터를 전송하면 Elasticsearch 지표를 탐색하고, 사용자 정의 쿼리를 생성하고, 뉴렐릭에서 모니터링 대시보드를 설정할 수 있습니다.

데이터 액세스, NRQL 작성, 그리고 알림 구성에 대한 자세한 내용은 Elasticsearch 데이터 찾기 및 검색을 참조하세요.

문제점 해결

설치 중에 문제가 발생하거나 뉴렐릭에 데이터가 표시되지 않는 경우 일반적인 문제에 대한 단계별 해결 방법에 대한 포괄적인 문제 해결, 해결 가이드를 참조하세요.

사용자의 편의를 위해 제공되는 기계 번역입니다.

OpenTelemetry를 사용하여 자체 호스팅 Elasticsearch를 모니터링하세요.

설치 옵션

시작하기 전에

Elasticsearch 모니터링을 구성합니다.

팁

중요

데이터 수집 확인

시작하기 전에

중요

Elasticsearch 모니터링을 구성합니다.

팁

중요

데이터 수집 확인

팁

Install and configure the Elasticsearch exporter

팁

수집기 구성

Full Prometheus receiver configuration

Set up environment variables

팁

수집기를 시작하세요

뉴렐릭에서 데이터 확인

팁

Elasticsearch 데이터를 확인하세요

문제점 해결

사용자의 편의를 위해 제공되는 기계 번역입니다.

OpenTelemetry를 사용하여 자체 호스팅 Elasticsearch를 모니터링하세요.

설치 옵션 .css-21sua1{background:none;border:none;width:0;padding:0;}

시작하기 전에

Elasticsearch 모니터링을 구성합니다.

팁

중요

데이터 수집 확인

시작하기 전에

중요

Elasticsearch 모니터링을 구성합니다.

팁

중요

데이터 수집 확인

팁

Install and configure the Elasticsearch exporter

팁

수집기 구성

Set up environment variables

팁

수집기를 시작하세요

뉴렐릭에서 데이터 확인

팁

Elasticsearch 데이터를 확인하세요

문제점 해결

설치 옵션