install ubuntu 20.4
Elastic 7.X
## elasticsearch ##
sudo wget -qO – https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add –
or
wget -O key https://artifacts.elastic.co/GPG-KEY-elasticsearch –no-check-certificate
sudo apt-key add key
sudo apt-get install apt-transport-https
sudo apt-get update
sudo apt-get install elasticsearch
sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch
curl localhost:9200
or
sudo wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.0-amd64.deb
sudo dpkg -i elasticsearch-7.17.0-amd64.deb
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch
curl localhost:9200
https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html
_______________________________________________
## kibana ##
sudo apt install kibana
sudo systemctl start kibana
sudo systemctl enable kibana
sudo systemctl status kibana
or
sudo wget https://artifacts.elastic.co/packages/7.x/apt/pool/main/k/kibana/kibana-7.17.0-amd64.deb
sudo dpkg -i kibana-7.17.0-amd64.deb
sudo systemctl start kibana
sudo systemctl enable kibana
sudo systemctl status kibana
sudo vim /etc/kibana/kibana.yml
server.port: 5601
server.host: “0.0.0.0”
_______________________________________________
## filebeat ##
sudo apt install filebeat
sudo vim /etc/filebeat/filebeat.yml
output.elasticsearch:
hosts: [“localhost:9200”]
protocol: “https”
username: “xxxxx”
password: “xxxxx”
ssl.certificate_authorities: [“/etc/filebeat/http_ca.crt”]
cp /etc/elasticsearch/certs/http_ca.crt /etc/filebeat/
sudo systemctl start filebeat
sudo systemctl enable filebeat
sudo systemctl status filebeat
sudo filebeat modules enable nginx
sudo filebeat setup -e
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html
# modules #
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules.html