How to install ELK on Ubuntu 16.04
In this tutorial we will provide you with detailed instructions on how to install ELK (Elasticsearch, Logstash and Kibana) on Ubuntu 16.04.
A short introduction about the ELK stack
The ELK is a powerful and versatile stack for collect, analyze and explore data in real time. The components of an ELK are:
Elasticsearch – Search and analyze data in real time.
Logstash – Collect, enrich, and transport data.
Kibana – Explore and visualize data.
Tutorial
Step 1 – Install Java 8
This is a mandatory step once both Elasticsearch and Logstash require Java. We are recommending the Java 8 because so far is the most recent stable version.
First of all we need to add the Oracle Java PPA:
|
1 |
sudo add-apt-repository -y ppa:webupd8team/java |
Then just update the apt package database and install the package oracle-java8-installer:
|
1 2 |
sudo apt-get update sudo apt-get -y install oracle-java8-installer |
Just to confirm that Java was successfully installed you can the command bellow:
|
1 |
java -version |
The expected output must be something similar to this:
|
1 2 3 |
java version "1.8.0_101" Java(TM) SE Runtime Environment (build 1.8.0_101-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.101-b13, mixed mode) |
Step 2 – Install Elasticsearch 2.X
After the Java installation we can now move on to the Elasticsearch. It can be installed with a package manager but we need first add the Elastic’s package source list. In order to do that just execute the following commands:
|
1 2 |
wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list |
Update the apt package database and install the package elasticsearch:
|
1 2 |
sudo apt-get update sudo apt-get -y install elasticsearch |
Configure the elasticsearch to start on boot up:
|
1 |
sudo update-rc.d elasticsearch defaults 95 10 |
Step 3 – Install Kibana 4.4.X
Before install Kibana we need to add the Elastic’s package source list.
|
1 |
echo "deb http://packages.elastic.co/kibana/4.4/debian stable main" | sudo tee -a /etc/apt/sources.list.d/kibana-4.4.x.list |
Update the apt package database and install the package kibana:
|
1 2 |
sudo apt-get update sudo apt-get -y install kibana |
Configure kibana’s service to start on boot up:
|
1 |
sudo update-rc.d kibana defaults 96 9 |
Step 4 – Install Logstash 2.2.X
Again, similar to how we installed Elasticsearch and Kibana, we need first add the Elastic’s package source list by executing the command:
|
1 |
echo 'deb http://packages.elastic.co/logstash/2.2/debian stable main' | sudo tee /etc/apt/sources.list.d/logstash-2.2.x.list |
Update the apt package database and install the package logstash:
|
1 2 |
sudo apt-get update sudo apt-get -y install logstash |
Configure logstash’s service to start on boot up:
|
1 |
sudo update-rc.d logstash defaults 96 9 |
Conclusion
We just presented you the basic installation of the ELK stack. There’s much more that can be done, specially when talking about Logstash. It is really flexible and can be configured to receive messages (in so many protocols and formats), transform them using lots of filters and then forward all these structured messages to many outputs such as Elasticsearch.