Logstash
Elasticsearch
Kibana
Filebeat
ELK server:
$ sudo add-apt-repository -y ppa:webupd8team/java
$ sudo apt-get update
$ sudo apt-get -y install oracle-java8-installer
Install Elasticsearch
$ wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
$ echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
$ sudo apt-get update
$ sudo apt-get -y install elasticsearch
Configure Elasticsearch
$ sudo vim /etc/elasticsearch/elasticsearch.yml
Uncomment the network.host line and set it to 0.0.0.0, which makes Elasticsearch listen on every network interface:
network.host: 0.0.0.0
$ sudo systemctl restart elasticsearch
$ sudo systemctl enable elasticsearch
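A check for the network.host setting above, as an added example that is not part of the original notes: it reads the effective value from elasticsearch.yml and picks the default Elasticsearch ports (9200 HTTP, 9300 transport) out of ss -ltn output, which matters because Elasticsearch 2.x without a security plugin does no authentication on those ports. The function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): audit how Elasticsearch is bound.

# Print the effective network.host value from an elasticsearch.yml ($1).
# Commented-out lines are ignored; if the key repeats, the last one is reported
# (a simplification made by this sketch).
es_network_host() {
  sed -n -E 's/^[[:space:]]*network\.host[[:space:]]*:[[:space:]]*//p' "$1" |
    sed -E 's/[[:space:]]+#.*$//; s/[[:space:]]+$//' | tr -d "\"'" | tail -n 1
}

# Classify the bind address: loopback, all-interfaces, or a specific address.
es_bind_exposure() (
  host=$(es_network_host "$1")
  case "$host" in
    "")                          echo "loopback-default" ;;  # 2.x default when unset
    127.*|localhost|::1|_local_) echo "loopback" ;;
    0.0.0.0|::)                  echo "all-interfaces" ;;
    *)                           echo "specific:$host" ;;
  esac
)

# Read `ss -ltn` output on stdin; print local sockets listening on the default
# Elasticsearch HTTP (9200) and transport (9300) ports.
es_listeners() {
  awk '$1 == "LISTEN" && $4 ~ /:(9200|9300)$/ { print $4 }'
}

# Constructed sample inputs so the example runs offline.
sample_yml=$(mktemp)
cat > "$sample_yml" <<'EOF'
# network.host: 192.168.0.1
network.host: 0.0.0.0   # set in the step above
EOF
sample_ss='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:9200       0.0.0.0:*
LISTEN 0      128    0.0.0.0:9300       0.0.0.0:*'

echo "config:    $(es_bind_exposure "$sample_yml")"
echo "listening: $(printf '%s\n' "$sample_ss" | es_listeners | tr '\n' ' ')"
rm -f "$sample_yml"
```

On the ELK server itself, run es_bind_exposure /etc/elasticsearch/elasticsearch.yml and pipe sudo ss -ltn into es_listeners; an all-interfaces result means access to 9200 and 9300 has to be restricted by a firewall or by binding to a specific address.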
Install Logstash
$ echo "deb http://packages.elastic.co/logstash/2.3/debian stable main" | sudo tee -a /etc/apt/sources.list
$ sudo apt-get update
$ sudo apt-get install logstash
Configure Logstash
$