How To Install ELK Stack on Ubuntu 22.04 LTS

In this tutorial, we will show you how to install ELK Stack on Ubuntu 22.04 LTS. The ELK stack is an acronym for a stack that comprises three popular projects: Elasticsearch, Logstash, and Kibana. It is designed to collect, analyze, and visualize data in real time.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of ELK Stack on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

Prerequisites

  • A server running one of the following operating systems: Ubuntu 22.04, 20.04, 18.04, and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install ELK Stack on Ubuntu 22.04 LTS Jammy Jellyfish

Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.

sudo apt update
sudo apt upgrade
sudo apt install build-essential checkinstall zlib1g-dev libssl-dev

Step 2. Installing Java OpenJDK.

ELK is based on Java, so you will need to install the Java JDK on your server. Let’s run the command below to install default JDK version 11:

sudo apt install default-jdk

Verify the Java version using the following command:

java --version

Step 3. Installing Nginx.

You need Nginx for ELK Stack, but multiple utilities come with Nginx that you may find helpful. Now run the following to install the Nginx web server to your Ubuntu system:

sudo apt install nginx

After successful installation, enable Nginx (to start automatically upon system boot), start, and verify the status using the commands below:

sudo systemctl enable nginx
sudo systemctl start nginx
sudo systemctl status nginx

Confirm the installation and check the installed build version of Nginx:

nginx -v

Step 4. Installing Elasticsearch.

By default, Elasticsearch is not available in the Ubuntu 22.04 base repository. Run the following command to add the Elasticsearch repository to your Ubuntu system:

echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list

Next, import the GPG key:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

After the repository is enabled, install the latest version of Elasticsearch using the commands below:

sudo apt update
sudo apt install elasticsearch

The Elasticsearch service is not started automatically after installation. To enable it on system boot and start it, run the following systemctl commands:

sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch
sudo systemctl status elasticsearch

After it has been installed, open the Elasticsearch configuration file using your favorite text editor:

sudo nano /etc/elasticsearch/elasticsearch.yml

Find the line that specifies network.host, uncomment it and replace its value with localhost so it reads like this:

# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: localhost
. . .

Save and exit the file, then restart the Elasticsearch service for the changes to take effect:

sudo systemctl restart elasticsearch

Step 5. Installing Kibana.

Follow these steps to install Kibana on your Ubuntu system:

sudo apt install kibana

The Kibana service is not started automatically after installation. To enable it on system boot and start it, run the following systemctl commands:

sudo systemctl enable kibana
sudo systemctl start kibana

By default, Kibana listens only on localhost, so you will need a reverse proxy to allow external access to it. This will be done using Nginx. First, use the openssl command to set up a new username and password to access Kibana:

echo "username:`openssl passwd -apr1`" | sudo tee -a /etc/nginx/htpasswd.users

Next, create an Nginx server block file using the following command:

sudo nano /etc/nginx/sites-available/filename

Add the following configuration:

server {
    listen 80;
    server_name your-domain.com;

    # Require the username and password stored in htpasswd.users
    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.users;

    location / {
        # Forward requests to Kibana, which listens on localhost only
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Save and exit the file, then restart the Nginx service for the changes to take effect:

sudo systemctl restart nginx
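
The script below is an added example, not part of the original tutorial. It checks that the network.host: localhost setting and Kibana's localhost default actually hold, so that only Nginx is reachable from outside. It assumes the package default ports (9200 and 9300 for Elasticsearch, 5601 for Kibana); the function name and the sample ss lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag ELK backend ports that listen on a non-loopback address.
# Assumed ports: 9200/9300 (Elasticsearch) and 5601 (Kibana), the package defaults.

# Reads "ss -H -tln" style lines on stdin and prints one line per exposed listener.
# Returns 0 when every backend listener is on loopback, 1 otherwise.
check_elk_listeners() {
    awk '
        BEGIN { ports["9200"]; ports["9300"]; ports["5601"]; bad = 0 }
        {
            local_addr = $4                       # column 4 is Local Address:Port
            n = split(local_addr, parts, ":")     # port follows the last colon (IPv6 safe)
            port = parts[n]
            addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
            if (!(port in ports)) next            # not an ELK backend port
            if (addr ~ /^127\./ || addr == "[::1]" || addr ~ /^\[::ffff:127\./) next
            printf "EXPOSED %s (port %s)\n", local_addr, port
            bad = 1
        }
        END { exit bad }
    '
}

# Constructed sample: the intended state (backends on loopback, Nginx public on 80).
SAMPLE_OK='LISTEN 0 4096 [::ffff:127.0.0.1]:9200 *:*
LISTEN 0 4096 [::1]:9300 [::]:*
LISTEN 0 511 127.0.0.1:5601 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*'

# Constructed sample: Elasticsearch and Kibana bound to all interfaces.
SAMPLE_BAD='LISTEN 0 4096 *:9200 *:*
LISTEN 0 511 0.0.0.0:5601 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*'

printf '%s\n' "$SAMPLE_OK"  | check_elk_listeners && echo "sample 1: backends on loopback only"
printf '%s\n' "$SAMPLE_BAD" | check_elk_listeners || echo "sample 2: fix the bind addresses above"

# Live use on the server:
#   ss -H -tln | check_elk_listeners
```

This only checks bind addresses. The server block above listens on port 80, so the Basic auth credentials travel unencrypted unless TLS is added to it.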

Step 6. Installing Logstash.

We will install Logstash using the command below:

sudo apt install logstash

The Logstash service is not started automatically after installation. To enable it on system boot and start it, run the following systemctl commands:

sudo systemctl enable logstash
sudo systemctl start logstash

When configuring Logstash, you can customize its inputs, outputs, and filters according to your needs. Set the data transfer rate and the data being filtered as you require so you can get the most out of the ELK Stack.

Congratulations! You have successfully installed ELK Stack. Thanks for using this tutorial for installing the ELK Stack on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official ELK Stack website.

r00t

r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.