Installing ELK

By | June 20, 2016

Version of Elasticsearch used: elasticsearch-2.3.3

Version of Logstash used: logstash-2.3.3

Version of Kibana used: kibana-4.5.1

OS used: Ubuntu 15.04

The only prerequisite is a Java runtime.

To check whether it is installed, issue:

java -version

java version "1.7.0_95"
OpenJDK Runtime Environment (IcedTea 2.6.4) (7u95-2.6.4-0ubuntu0.15.04.1)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

If Java is not installed on your machine, install it.

Download the tarballs of all three components of the ELK stack. Uncompress and extract them.
Their default configuration is sufficient to work with them.

I extracted them under /opt.

Starting the ELK stack:

To start Elasticsearch:

Go to the folder where you extracted Elasticsearch and issue:

bin/elasticsearch &

The following error is thrown:
Exception in thread "main" java.lang.RuntimeException: don't run elasticsearch as root.
at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:93)
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:144)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Refer to the log for complete error details.

As a solution, issue:

bin/elasticsearch -Des.insecure.allow.root=true &
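
The -Des.insecure.allow.root=true flag switches off the check that produced the error above, so the JVM and everything it loads run with root privileges. The script below is an added example (not from the original post) of the alternative: create a dedicated account, hand it the extracted tree, and start Elasticsearch as that account. The account name elasticsearch, the path /opt/elasticsearch-2.3.3 and the DRY_RUN switch are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: run Elasticsearch under a
# dedicated unprivileged account instead of overriding the root check.
# Assumed names: account "elasticsearch", the ES_HOME path, the DRY_RUN switch.

ES_USER="${ES_USER:-elasticsearch}"
ES_HOME="${ES_HOME:-/opt/elasticsearch-2.3.3}"

# Execute a command, or only print it when DRY_RUN is set.
run() {
    if [ -n "${DRY_RUN:-}" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# One-time setup (as root): create the account and give it the extracted
# tree, which is root-owned after untarring as root under /opt. Without
# this, the account cannot create its data and logs directories.
es_prepare() {
    id "$ES_USER" >/dev/null 2>&1 ||
        run useradd --system --shell /usr/sbin/nologin "$ES_USER"
    run chown -R "$ES_USER": "$ES_HOME"
}

# Start Elasticsearch for the given effective UID. Root never runs the JVM
# itself: it hands off to ES_USER through su. Any other user starts it
# directly, which the root check already allows.
es_start() {
    if [ "$1" -eq 0 ]; then
        run su -s /bin/sh -c "$ES_HOME/bin/elasticsearch" "$ES_USER"
    else
        run "$ES_HOME/bin/elasticsearch"
    fi
}

# Entry point: "prepare" once as root, then "start".
case "${1:-}" in
    prepare) es_prepare ;;
    start)   es_start "$(id -u)" ;;
esac
```

Run it once as root with the argument prepare, then with start; append & to background it as in the commands above.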

Elasticsearch runs on port 9200.

To start Kibana:

bin/kibana &

Kibana runs on port 5601.

Kibana is, by default, expecting Logstash to send logs to Elasticsearch.

To start Logstash:

Go to the folder where you extracted the Logstash tarball.

Create a config file, simple.conf, under the conf.d folder. Create the conf.d folder if it does not exist.

input { stdin { } } output { stdout {} }

Here, we have used standard input to feed Logstash.

Then, issue:

bin/logstash -f conf.d/simple.conf

Now, anything you type is echoed back to your screen by Logstash.

To view the logs coming in to Logstash via Kibana,

open your browser and type:
http://localhost:5601/

At this point you can't see any incoming logs in Kibana, because nothing has been passed to Elasticsearch yet. Now press Ctrl+C on the screen where you started Logstash, and issue the following:

bin/logstash -e 'input { stdin { } } output { elasticsearch { hosts => localhost } }'

The -e option tells Logstash to accept a configuration directly from the command line. Here, we have directed all Logstash input to Elasticsearch.

Now, anything you type is sent directly to Elasticsearch and is visible in Kibana.
