elk // elasticsearch install v7


tested on debian12

install

grab the latest v7 .deb package from the vendor's download page (the link was lost from this page)

# Copy the downloaded package from the workstation to the home directory on the target node.
scp elasticsearch-7.17.29-amd64.deb elk7-node:

# The remaining commands run on the node, presumably as root (no sudo is shown).
# NOTE(review): dpkg runs the package's maintainer scripts with root privileges, so check
# the file's integrity first. Elastic publishes a .sha512 file next to each download;
# with that file fetched into the same directory:
#   sha512sum -c elasticsearch-7.17.29-amd64.deb.sha512
dpkg -i elasticsearch-7.17.29-amd64.deb
# Reload unit files so systemd picks up the newly installed elasticsearch.service.
systemctl daemon-reload
systemctl enable elasticsearch.service
# This first start uses the packaged elasticsearch.yml; the edits are made later, under "setup".
systemctl start elasticsearch.service
systemctl status elasticsearch.service

setup

# Work in the package's configuration directory.
cd /etc/elasticsearch/
# Keep the shipped config as .dist; -i prompts instead of silently overwriting an earlier backup.
mv -i elasticsearch.yml elasticsearch.yml.dist
# Drop lines that start with '#' and empty lines. The same output is written twice:
# .clean is kept as a reference copy, elasticsearch.yml becomes the live file to edit.
grep -vE '^#|^$' elasticsearch.yml.dist > elasticsearch.yml.clean
grep -vE '^#|^$' elasticsearch.yml.dist > elasticsearch.yml
# NOTE(review): the redirect creates elasticsearch.yml as a new file, so it takes the
# current user's umask and ownership rather than the mode the package shipped. Compare
# with `ls -l elasticsearch.yml.dist` and restore owner/group/mode if they differ, so the
# config is neither unreadable by the service nor readable more widely than before.
vi elasticsearch.yml
# Settings added to /etc/elasticsearch/elasticsearch.yml in the editor session above.
#
# 0.0.0.0 binds the HTTP (9200) and transport (9300) listeners on every interface.
# NOTE(review): nothing in these notes enables xpack.security or TLS, and in 7.x security
# is off by default on the basic licence. As written, any host that can route to this node
# can read and write indices without credentials. Either bind to a specific internal
# address, filter 9200/9300 at the host firewall, or enable security and TLS before the
# node is reachable from anything but trusted hosts.
network.host: 0.0.0.0
# presumably elastic7 is this node's own hostname; the scp step uses elk7-node for the
# target, so confirm both names resolve to the same machine.
discovery.seed_hosts: ["elastic7"]
# Entries here are matched against node names, which default to the hostname.
cluster.initial_master_nodes: ["elastic7"]
#discovery.seed_providers

ready to go

# Print the current mmap limit. A non-loopback network.host makes elasticsearch enforce
# its bootstrap checks, which expect vm.max_map_count to be at least 262144.
sysctl vm.max_map_count
systemctl daemon-reload
# NOTE(review): --now only starts a stopped unit. If the service is still running from the
# install step, the edited elasticsearch.yml is not loaded until
# `systemctl restart elasticsearch` is run.
systemctl enable elasticsearch --now
systemctl status elasticsearch
# Read the value again after the service start to see whether it changed.
sysctl vm.max_map_count

# List listening TCP/UDP sockets with their owning process; check which addresses
# 9200 and 9300 are bound to and that this matches what you intend to expose.
netstat -lntup
# No scheme is given, so curl uses plain http; -k (skip certificate verification) has no
# effect here and should be dropped once TLS is enabled so the certificate is checked.
# NOTE(review): no credentials are sent. If this prints the cluster banner, the API is
# unauthenticated, and with network.host 0.0.0.0 the same applies to remote clients.
curl -sk localhost:9200/ | jq

kibana

# assumes an apt source that provides kibana, with its signing key, is already configured
# (not shown in these notes). Kibana's version should match the 7.17.29 elasticsearch
# package installed above; check what apt is about to install.
apt install kibana
# Keep the shipped Node.js options as .dist; -p preserves mode/owner/timestamps, -i prompts before overwrite.
cp -pi /etc/kibana/node.options /etc/kibana/node.options.dist
vi /etc/kibana/node.options

(comment out the --openssl-legacy-provider line, so Kibana's Node.js runtime no longer loads OpenSSL's legacy provider)

# Enable Kibana at boot and start it immediately.
systemctl enable kibana --now
systemctl status kibana

# Check where 5601 is listening. Kibana's default server.host is localhost, and nothing
# in these notes changes it; with no authentication configured it should stay bound to
# 127.0.0.1 and be reached through the ssh tunnel below.
netstat -lntup

remotely

# Run from the workstation: forward local port 5607 through ssh to Kibana's 5601 on
# elastic7's loopback, then browse http://localhost:5607. This keeps the unauthenticated
# Kibana UI off the network; access is gated by ssh login to elastic7.
ssh -L 5607:localhost:5601 elastic7

Licensed under MIT