
Elk Installation Steps

This document provides a step-by-step guide for installing the ELK Stack on an Ubuntu virtual machine, requiring a minimum of 2 CPU and 4 GB RAM. It includes instructions for updating the system, installing Java, adding the Elastic Stack repository, and installing Elasticsearch, Logstash, and Kibana, along with configuration and firewall setup. Additionally, it emphasizes enabling components to start on boot and securing access for production environments.

Uploaded by

okre2005
Copyright: © All Rights Reserved

ELK Stack Installation Guide on a Virtual Machine (Ubuntu)

Pre-Requisites:

• Ubuntu 20.04 or 22.04 VM (2 CPU, 4 GB RAM minimum recommended)
• Root or sudo access
• Internet connection

Step 1: Update the System

sudo apt update && sudo apt upgrade -y

Step 2: Install Java (Required for Elasticsearch and Logstash)

sudo apt install openjdk-11-jdk -y
java -version

Step 3: Add Elastic Stack Repository

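# Store the Elastic signing key in its own keyring (apt-key is deprecated and trusts the key for every repository)
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
sudo apt install apt-transport-https
# signed-by limits this key to the Elastic repository only
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
sudo apt update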

Step 4: Install Elasticsearch

sudo apt install elasticsearch -y

Edit the configuration file:

sudo nano /etc/elasticsearch/elasticsearch.yml

Add the following line:

network.host: localhost

Enable and start Elasticsearch:

sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch

Test Elasticsearch:

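# The 8.x packages enable TLS and authentication by default; enter the elastic user's password printed during installation
sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET "https://localhost:9200"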

Step 5: Install Logstash

sudo apt install logstash -y

Create a simple configuration file to test Logstash:

sudo nano /etc/logstash/conf.d/simple.conf

Example config:

input { stdin { } }
output { stdout { codec => rubydebug } }

Run Logstash:

sudo /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/simple.conf

Step 6: Install Kibana

sudo apt install kibana -y

Edit the configuration:

sudo nano /etc/kibana/kibana.yml

Set the following:

server.host: "localhost"

Enable and start Kibana:

sudo systemctl enable kibana
sudo systemctl start kibana

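Access Kibana in your browser (with server.host set to localhost, it answers only on the VM itself; see the Notes for external access):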

http://<VM-IP>:5601

Step 7: Configure Firewall (If Required)

sudo ufw allow 5601
sudo ufw allow 9200

Step 8: Enable ELK Components to Start on Boot

sudo systemctl enable elasticsearch
sudo systemctl enable logstash
sudo systemctl enable kibana

Notes:

• Config files:
  • Elasticsearch: /etc/elasticsearch/elasticsearch.yml
  • Logstash: /etc/logstash/conf.d/
  • Kibana: /etc/kibana/kibana.yml
• For external access, set network.host: 0.0.0.0 in elasticsearch.yml and server.host: "0.0.0.0" in kibana.yml.

• Secure access with a reverse proxy and SSL in production.
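
The check below is an added example, not part of the original guide: it reads the two config files named in the Notes and flags a bind address that reaches beyond loopback without the matching protection. The function names and sample file contents are constructed for illustration; it assumes xpack.security.enabled (Elasticsearch) and server.ssl.enabled (Kibana) are the settings that carry that protection.

```shell
#!/bin/sh
# Added example (not from the original guide). Sample configs are constructed.

# Print the last uncommented value of a flat "key: value" YAML setting.
yaml_value() {  # usage: yaml_value FILE KEY
  k=$(printf '%s' "$2" | sed 's/\./\\./g')   # escape dots in the key
  sed -n "s/^[[:space:]]*${k}:[[:space:]]*//p" "$1" | tail -n 1 |
    sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' | tr -d "\"'"
}

# Succeed when the bind address is loopback-only (an unset value defaults to loopback).
is_loopback() {
  case "$1" in
    ""|localhost|_local_|127.*|::1) return 0 ;;
    *) return 1 ;;
  esac
}

# Print one "RISK:" line per service bound beyond loopback without protection.
audit_elk() {  # usage: audit_elk ELASTICSEARCH_YML KIBANA_YML
  es_host=$(yaml_value "$1" network.host)
  es_sec=$(yaml_value "$1" xpack.security.enabled)
  kb_host=$(yaml_value "$2" server.host)
  kb_tls=$(yaml_value "$2" server.ssl.enabled)
  # Security is on by default in 8.x, so only an explicit "false" is flagged.
  if ! is_loopback "$es_host" && [ "$es_sec" = "false" ]; then
    echo "RISK: Elasticsearch on $es_host with xpack.security.enabled: false"
  fi
  # Kibana serves plain HTTP unless TLS is switched on explicitly.
  if ! is_loopback "$kb_host" && [ "$kb_tls" != "true" ]; then
    echo "RISK: Kibana on $kb_host without server.ssl.enabled: true"
  fi
  return 0
}

# Constructed sample: both services opened to all interfaces, protections off.
demo() {
  d=$(mktemp -d)
  printf '%s\n' '#network.host: 192.168.0.1' 'network.host: 0.0.0.0' \
    'xpack.security.enabled: false' > "$d/elasticsearch.yml"
  printf '%s\n' 'server.host: "0.0.0.0"  # external access' > "$d/kibana.yml"
  audit_elk "$d/elasticsearch.yml" "$d/kibana.yml"
  rm -rf "$d"
}
demo
```

On the VM itself, run audit_elk against /etc/elasticsearch/elasticsearch.yml and /etc/kibana/kibana.yml with sudo, since the Elasticsearch file is not world-readable. A Kibana finding is resolved either by enabling TLS in Kibana or by keeping server.host on localhost behind the reverse proxy.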

End of Document
