This blog is part of a series. Refer to the links below for the other posts in this series.

Part 1: Installing Ubuntu
Part 2: Installing Elastic Stack
Part 3: Install ElastiFlow
Part 4: Solution Maintenance (coming soon)

In this section, we will cover installing and configuring Elastic Stack 6.x, which will be used to power the ElastiFlow solution. Elastic Stack, often referred to as ELK Stack, consists of Elasticsearch, Logstash, and Kibana. Elasticsearch is a full-text based search engine. Logstash is a data-collection and log-parsing engine, and Kibana is an analytics and visualization platform used to display the ElastiFlow dashboards.

Please note this tutorial is designed for personal or lab environment setups, so we are not going to cover security considerations with the Kibana website. I have provided links below to additional resources if you need to set up restricted access to the Kibana dashboards.

Installing Elastic Stack 6.x

Install Java

Logstash requires Java 8. Java 9 is not supported. So, we need to ensure that we install the proper version.

Add the Oracle Java PPA to apt

Update apt

Install the latest stable version of Oracle Java 8

Install Elasticsearch

Import the Elasticsearch PGP signing key

Confirm apt-transport-https is installed

Add the repository definition to ensure you are getting the latest version

Update apt

Install Elasticsearch

Configure Elasticsearch to start automatically when the system boots

Start the Elasticsearch service

Install Kibana

Update apt

Install Kibana

Configure Kibana to start automatically when the system boots

Start the Kibana service

Install Logstash

Update apt

Install Logstash

 

Configuring Elastic Stack

Before you can install ElastiFlow there are a few things that need to be set up in the Elastic Stack.

Configure Elasticsearch

Open the Elasticsearch configuration file for editing.

Edit the network.host entry in the Elasticsearch configuration to block access to Elasticsearch from outside the server.

Set – network.host: localhost

Restart the Elasticsearch service to force the changes to take effect.

Configure Kibana

Open the Kibana configuration file for editing.

Edit the server.host entry in the configuration to allow external access to Kibana.
Note: As I mentioned at the beginning of this tutorial, this will allow anonymous access to the Kibana dashboard. If you need to restrict access, I recommend installing and configuring Nginx.

Set – server.host: <Your Server’s IP Address>

Restart the Kibana service to force the changes to take effect.

To ensure that you can access the Kibana site externally, you will need to open the inbound port on the server’s firewall.

On your local computer open a web browser, navigate to the Kibana URL, and confirm Kibana loads

http://<Your Server’s IP Address>:5601/

If the Kibana page loads, then everything is set up and ready for you to install ElastiFlow.
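
To confirm that the network.host and server.host settings above took effect, the listening sockets can be audited. The script below is an added example, not part of the original tutorial; it assumes the default ports (Elasticsearch 9200 and 9300, Kibana 5601) and uses a constructed sample of `ss -ltn` output with a documentation address in place of the server IP.

```shell
#!/bin/sh
# Added example: audit listening sockets after the configuration steps above.
# Assumed default ports: Elasticsearch 9200 (HTTP) and 9300 (transport); Kibana 5601.

# check_listeners reads `ss -ltn` output on stdin, prints one line per relevant
# socket, and returns 1 if Elasticsearch is bound to a non-loopback address.
check_listeners() {
  awk '
    function is_loopback(a) {
      return (a ~ /^127\./ || a ~ /^\[?::1\]?$/ || a ~ /^\[?::ffff:127\./)
    }
    $1 == "LISTEN" {
      sock = $4                                # e.g. 127.0.0.1:9200 or [::1]:9200
      port = sock; sub(/.*:/, "", port)        # text after the last colon
      addr = sock; sub(/:[0-9]+$/, "", addr)   # text before the port
      if (port == "9200" || port == "9300") {
        if (is_loopback(addr)) print "OK elasticsearch " sock " loopback only"
        else { print "FAIL elasticsearch " sock " reachable from the network"; bad = 1 }
      } else if (port == "5601") {
        if (is_loopback(addr)) print "INFO kibana " sock " loopback only"
        else print "WARN kibana " sock " reachable from the network, no login"
      }
    }
    END { exit (bad ? 1 : 0) }
  '
}

# Constructed sample of `ss -ltn` output for the state this tutorial produces
# (192.0.2.10 is a documentation address standing in for the server IP).
SAMPLE='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    127.0.0.1:9200      0.0.0.0:*
LISTEN 0      128    [::1]:9200          [::]:*
LISTEN 0      128    192.0.2.10:5601     0.0.0.0:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*'

printf '%s\n' "$SAMPLE" | check_listeners
# On a live host: ss -ltn | check_listeners
```

A FAIL line means Elasticsearch is still bound to a routable address and the network.host edit or the service restart did not take effect.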
