Logstash
Elasticsearch
Kibana
Filebeat
ELK server:
$ sudo add-apt-repository -y ppa:webupd8team/java
$ sudo apt-get update
$ sudo apt-get -y install oracle-java8-installer
Install Elasticsearch
$ wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
$ echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
$ sudo apt-get update
$ sudo apt-get -y install elasticsearch
Config Elasticsearch
$ sudo vim /etc/elasticsearch/elasticsearch.yml
Uncomment the network.host line and change it to:
network.host: 0.0.0.0
$ sudo systemctl restart elasticsearch
$ sudo systemctl enable elasticsearch
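With network.host: 0.0.0.0 Elasticsearch listens on every interface, and the 2.x package installed above does not enable authentication by default, so it is worth checking what the setting resolves to after editing the file. The script below is an added example, not part of the original guide; the function names classify_network_host and audit_bind are hypothetical, and it assumes the last uncommented network.host line is the effective one.

```shell
#!/bin/sh
# Added example (not from the original guide): report how the network.host
# setting in an elasticsearch.yml exposes the node.

# Prints one of: unreadable, default-loopback, loopback, all-interfaces,
# specific:<value>
classify_network_host() {
    conf="$1"
    [ -r "$conf" ] || { echo "unreadable"; return 0; }
    # Commented-out lines start with '#' and do not match. If the key appears
    # more than once, this example looks at the last one (assumption).
    value=$(sed -n 's/^[[:space:]]*network\.host:[[:space:]]*//p' "$conf" \
        | tail -n 1 \
        | sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//' \
        | tr -d "\"'")
    case "$value" in
        "")                          echo "default-loopback" ;;  # 2.x default
        127.*|localhost|::1|_local_) echo "loopback" ;;
        0.0.0.0|::|"[::]")           echo "all-interfaces" ;;
        *)                           echo "specific:$value" ;;
    esac
}

# Returns non-zero when the node binds to every interface or the file
# cannot be read, so it can gate a provisioning script.
audit_bind() {
    result=$(classify_network_host "$1")
    echo "$1: network.host -> $result"
    [ "$result" != "all-interfaces" ] && [ "$result" != "unreadable" ]
}

# Constructed sample input: the setting used in this guide.
demo() {
    sample=$(mktemp)
    printf 'network.host: 0.0.0.0\n' > "$sample"
    audit_bind "$sample" || echo "WARN: node listens on every interface"
    rm -f "$sample"
}
demo
```

On the ELK server itself, call audit_bind /etc/elasticsearch/elasticsearch.yml after editing the file.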
Install Logstash
$ echo "deb http://packages.elastic.co/logstash/2.3/debian stable main" | sudo tee -a /etc/apt/sources.list
$ sudo apt-get update
$ sudo apt-get install logstash
Configure Logstash
$