elk // install v7

logging | elk | fluentbit

tested on debian12

install

apt install gnupg1 apt-transport-https file jq

ls -lF /usr/share/keyrings/elasticsearch-keyring.gpg # no exist
ls -lF /etc/apt/sources.list.d/elastic-7.x.list # no exist

curl https://artifacts.elastic.co/GPG-KEY-elasticsearch | \
    gpg1 --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
cat > /etc/apt/sources.list.d/elastic-8.x.list <<EOF
deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main
EOF
apt update
apt install elasticsearch

setup

cp -pi /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.dist
vi /etc/elasticsearch/elasticsearch.yml
network.host: 0.0.0.0
discovery.seed_hosts: ["elastic7"]
cluster.initial_master_nodes: ["elastic7"]
#discovery.seed_providers

ready to go

sysctl vm.max_map_count
systemctl daemon-reload
systemctl enable elasticsearch --now
systemctl status elasticsearch
sysctl vm.max_map_count

netstat -lntup
curl -sk localhost:9200/ | jq

kibana

apt install kibana
cp -pi /etc/kibana/node.options /etc/kibana/node.options.dist
vi /etc/kibana/node.options

(comment out --openssl-legacy-provider)

systemctl enable kibana --now
systemctl status kibana

netstat -lntup

remotely

ssh -L 5607:localhost:5601 elastic7

HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2024 Pierre-Philipp Braun