elk // install v8

tested on debian12

install

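# Prerequisites. gnupg1 provides the gpg1 binary used below to convert the
# repository key; jq pretty-prints the JSON answer of the smoke test later on.
# apt-transport-https is only a transitional package on current Debian
# (apt speaks https natively), so installing it is harmless.
apt install gnupg1 apt-transport-https file jq

# Pre-check: on a fresh host neither file should be there. If one already
# exists, inspect it before overwriting -- a stale keyring or list entry is a
# trust decision somebody made earlier.
ls -lF /usr/share/keyrings/elasticsearch-keyring.gpg # should not exist yet
ls -lF /etc/apt/sources.list.d/elastic-8.x.list # should not exist yet

# Fetch the Elastic signing key and store it de-armored in a dedicated keyring.
# -f makes curl exit non-zero on an HTTP error instead of feeding an error page
# to gpg1; -sS hides the progress meter but still prints errors.
# This key becomes the trust anchor for every package from the repository, so
# compare its fingerprint with the one published in the Elastic deb
# documentation (first link under resources) before running apt update.
curl -fsS https://artifacts.elastic.co/GPG-KEY-elasticsearch | \
    gpg1 --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
# signed-by restricts the key to this one repository; it is not trusted for
# any other apt source on the host.
cat > /etc/apt/sources.list.d/elastic-8.x.list <<EOF
deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main
EOF
apt update
# The 8.x package enables security on install and prints the generated
# password of the built-in "elastic" superuser once in its output -- record it
# in a password manager now, it is needed for the checks below.
apt install elasticsearch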

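# Credentials for the smoke test against port 9200.
# "elastic" is the built-in superuser; its password was printed once by the
# package installation. If it was lost, a new one can be generated with
# /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
user=elastic
# Read the password at a prompt (-s: no echo) rather than typing it as an
# assignment, so the secret does not end up in the shell history.
read -rsp "password for $user: " pass; echo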

ready to go

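# vm.max_map_count is printed before and after the first start to see whether
# starting the service changed it. Elasticsearch documents 262144 as the
# minimum; presumably the package raises it -- confirm from the two outputs.
sysctl vm.max_map_count
systemctl daemon-reload
systemctl enable elasticsearch --now
systemctl status elasticsearch
sysctl vm.max_map_count

# Check which addresses the node listens on: 9200 is the HTTP API, 9300 the
# cluster transport. The 8.x auto-configuration typically sets http.host to
# 0.0.0.0, so expect 9200 on all interfaces -- restrict it with a firewall or
# in /etc/elasticsearch/elasticsearch.yml if the API must not be reachable
# from the network. (netstat comes from net-tools; ss -lntup is the iproute2
# equivalent.)
netstat -lntup
# Smoke test. Verify the server certificate against the CA generated by the
# package auto-configuration instead of disabling verification with -k, and
# quote the credentials so special characters in the password survive.
# Note: with -u "$user:$pass" the password is visible in the process list while
# curl runs; -u "$user" alone makes curl prompt for it instead.
curl -s --cacert /etc/elasticsearch/certs/http_ca.crt https://localhost:9200/ -u "$user:$pass" | jq

# Enrollment token for Kibana. It carries what Kibana needs to attach itself to
# this cluster and is valid for 30 minutes -- treat it like a credential and
# generate it only when Kibana is ready to be enrolled.
/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token --scope kibana
# Prints the verification code Kibana asks for in the browser during
# enrollment. The tool ships with the kibana package, so it is only available
# after the kibana installation below.
/usr/share/kibana/bin/kibana-verification-code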

kibana

# Install Kibana from the same Elastic apt repository configured above.
apt install kibana
# Keep a pristine copy of the packaged node.options before editing it:
# -p preserves mode, ownership and timestamps, -i asks before overwriting an
# existing .dist copy (e.g. when these steps are repeated).
cp -pi /etc/kibana/node.options /etc/kibana/node.options.dist
vi /etc/kibana/node.options

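(comment out the --openssl-legacy-provider line so that Kibana's Node.js runs without the OpenSSL legacy provider and its outdated algorithms; see the production link under resources)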

# Start Kibana now and at every boot, then confirm the unit is running.
systemctl enable kibana --now
systemctl status kibana

# Kibana serves its web UI on port 5601. Check the bound address here: with
# the packaged defaults it is expected to listen on localhost only (which is
# why the ssh tunnel below is used) -- confirm in the output.
netstat -lntup

remotely

# Run on the workstation: forwards local port 5602 to port 5601 on the
# server's loopback interface, so Kibana is reached at http://localhost:5602
# without exposing 5601 to the network. ssh binds the local end to loopback
# unless GatewayPorts is changed. elastic8 is presumably the server's
# hostname or ssh alias.
ssh -L 5602:localhost:5601 elastic8

resources

https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html

https://www.elastic.co/guide/en/kibana/current/deb.html

https://www.elastic.co/guide/en/kibana/8.13/production.html#openssl-legacy-provider

https://discuss.elastic.co/t/what-are-ports-9200-and-9300-used-for/238578 ==> 9300 cluster communication

