ELK Install on CentOS
Java setup
Check
yum list java*jdk-devel
Result
Loaded plugins: fastestmirror, security
Determining fastest mirrors
* base: ftp.daumkakao.com
* extras: ftp.daumkakao.com
* updates: ftp.daumkakao.com
Available Packages
java-1.6.0-openjdk-devel.x86_64 1:1.6.0.41-1.13.13.1.el6_8 base
java-1.7.0-openjdk-devel.x86_64 1:1.7.0.141-2.6.10.1.el6_9 updates
java-1.8.0-openjdk-devel.x86_64 1:1.8.0.131-0.b11.el6_9 updates
Setup
yum install java-1.8.0-openjdk-devel.x86_64
Setup check
java -version
Result
openjdk version "1.8.0_131"
OpenJDK Runtime Environment (build 1.8.0_131-b11)
OpenJDK 64-Bit Server VM (build 25.131-b11, mixed mode)
ELASTICSEARCH
Download setup RPM file
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.3.1.rpm
Setup
rpm --install elasticsearch-5.3.1.rpm
- Install path: /usr/share/elasticsearch
- Config file: /etc/elasticsearch
- Init script: /etc/init.d/elasticsearch
Result
Creating elasticsearch group... OK
Creating elasticsearch user... OK
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using chkconfig
sudo chkconfig --add elasticsearch
### You can start elasticsearch service by executing
sudo service elasticsearch start
Start
/etc/init.d/elasticsearch start
# OR
service elasticsearch start
Config - Only External Network
vi /etc/elasticsearch/elasticsearch.yml
#network.host: 192.168.0.1
network.host: 0.0.0.0
Automatically start ( CentOS 7 )
systemctl enable elasticsearch.service
Check
curl -XGET localhost:9200
Running
{
"name" : "UbFQ23i",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "XXkN_RRpTJ6e95ozPC1kyA",
"version" : {
"number" : "5.3.1",
"build_hash" : "5f9cf58",
"build_date" : "2017-04-17T15:52:53.846Z",
"build_snapshot" : false,
"lucene_version" : "6.4.2"
},
"tagline" : "You Know, for Search"
}
KIBANA
Download setup RPM file
wget https://artifacts.elastic.co/downloads/kibana/kibana-5.3.1-x86_64.rpm
Setup
rpm --install kibana-5.3.1-x86_64.rpm
- Install path: /usr/share/kibana
- Config file: /etc/kibana/kibana.yml
- Init script: /etc/init.d/kibana
Start
/etc/init.d/kibana start
# OR
service kibana start
Config - Only External Network
IP info
ifconfig | grep inet
inet addr:192.169.243.3 Bcast:192.169.243.255 Mask:255.255.255.0
inet6 addr: fe80::d00d:7aff:fef6:31eb/64 Scope:Link
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
192.169.243.3
Set IP info
vi /etc/kibana/kibana.yml
elasticsearch.url: "http://192.169.243.3:9200"
Automatically start ( CentOS 7 )
systemctl daemon-reload
systemctl enable kibana
Check
ps -ef | grep kibana
Running
kibana 1956 1 8 14:39 pts/2 00:00:05 /usr/share/kibana/bin/../node/bin/node --no-warnings /usr/share/kibana/bin/../src/cli -c /etc/kibana/kibana.yml
lsh 3261 11244 0 14:40 pts/2 00:00:00 grep kibana
Stopped
lsh 3459 11244 0 14:41 pts/2 00:00:00 grep kibana
LOGSTASH
Download setup RPM file
wget https://artifacts.elastic.co/downloads/logstash/logstash-5.3.1.rpm
Setup
rpm --install logstash-5.3.1.rpm
- Install path: /usr/share/logstash
Result
Using provided startup.options file: /etc/logstash/startup.options
Successfully created system startup script for Logstash
Config
Create logstash.conf
vi logstash.conf
input {
stdin { }
}
output {
stdout { }
}
Start
/usr/share/logstash/bin/logstash -f ./logstash.conf