How to Install ELK on Ubuntu 20.04

The ELK stack (Elasticsearch, Logstash, Kibana) lets you manage large amounts of log data on Ubuntu 20.04 Focal Fossa. The three components are open source tools that work in tandem so you can manage log data from a convenient graphical web interface.

I’ll show you the steps required to get ELK up and running on your Ubuntu 20.04 system.

Category | Requirements Used
System | Ubuntu 20.04
Software | ELK, Nginx, openjdk-11-jdk, wget, apt-transport-https, curl, gpgv, gpgsm, gnupg-l10n, gnupg, dirmngr

Update and Upgrade Distro

apt-get update -y
apt-get upgrade -y

Install Required Dependencies

apt-get install openjdk-11-jdk wget apt-transport-https curl gpgv gpgsm gnupg-l10n gnupg dirmngr -y

Install and Configure Java

sudo apt -y install openjdk-11-jdk

export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64

Elasticsearch

Add Elastic Repository

Download and install the PGP key using the wget command:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Next, add the Elasticsearch repository to the system:

echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

Install Elasticsearch

Update the apt package index and install Elasticsearch by issuing the following commands:

apt-get update
apt-get install elasticsearch -y

sudo systemctl stop elasticsearch

systemctl enable elasticsearch

Configure Elasticsearch

Add Transport.host

echo 'transport.host: localhost' >> /etc/elasticsearch/elasticsearch.yml

Add Transport TCP Port

echo 'transport.tcp.port: 9300' >> /etc/elasticsearch/elasticsearch.yml

Add Network.host

echo 'network.host: localhost' >> /etc/elasticsearch/elasticsearch.yml

Add http.port

echo 'http.port: 9200' >> /etc/elasticsearch/elasticsearch.yml

Add discovery.type

echo 'discovery.type: single-node' >> /etc/elasticsearch/elasticsearch.yml

Add setup.ilm.overwrite

echo 'setup.ilm.overwrite: true' >> /etc/elasticsearch/elasticsearch.yml

setup.ilm.overwrite is a Beats setting rather than an Elasticsearch one; if Elasticsearch refuses to start with an "unknown setting" error, remove this line from elasticsearch.yml.

Add JVM heap

echo '-Xms512m' >> /etc/elasticsearch/jvm.options
echo '-Xmx512m' >> /etc/elasticsearch/jvm.options

Reload and Start Elasticsearch

Reload systemd, then start Elasticsearch:

systemctl daemon-reload
systemctl start elasticsearch
systemctl restart elasticsearch

Elasticsearch Status

systemctl status elasticsearch

Logstash

Install Logstash

sudo apt install logstash -y

Start Logstash at system startup:

systemctl daemon-reload
systemctl enable logstash
systemctl start logstash

Logstash Status

systemctl status logstash

Kibana

Install Kibana

sudo apt install kibana -y

systemctl stop kibana

systemctl enable kibana

Configure Kibana

Add Server.port

echo -e "server.port: 5601" >> /etc/kibana/kibana.yml

Add Server.host

echo -e "server.host: $HOSTNAME" >> /etc/kibana/kibana.yml

Add Elasticsearch.hosts

echo -e 'elasticsearch.hosts: ["http://localhost:9200"]' >> /etc/kibana/kibana.yml

Reload and Start Kibana

systemctl daemon-reload

systemctl start kibana

Kibana Status

Check the Kibana service status:

systemctl status kibana

Access Kibana

http://:5601
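The steps above keep Elasticsearch on localhost but set Kibana's server.host to $HOSTNAME, and every setting is appended with echo >>, so it is worth confirming what each service will actually bind to. The script below is an added example, not part of the original guide: it audits the three bind keys written above. The function names and the hostname elk01.example.internal are made up for illustration.

```sh
#!/bin/sh
# Added example (not from the original guide): report where each service binds.

# Print each uncommented top-level value of KEY in FILE, one per line.
yaml_values() {  # usage: yaml_values FILE KEY
  awk -v k="$2" 'index($0, k ":") == 1 {
      v = substr($0, length(k) + 2)
      sub(/[ \t]+#.*$/, "", v)            # drop trailing comment
      gsub(/^[ \t]+|[ \t\r]+$|"/, "", v)  # trim blanks and double quotes
      print v
    }' "$1"
}

# Prints loopback, exposed, duplicate or unset (both services default to loopback).
bind_status() (  # usage: bind_status FILE KEY
  vals=$(yaml_values "$1" "$2")
  if [ -z "$vals" ]; then echo unset; exit 0; fi
  # Re-running an echo >> step leaves the key in the file twice.
  if [ "$(printf '%s\n' "$vals" | grep -c '')" -gt 1 ]; then echo duplicate; exit 0; fi
  case "$vals" in
    localhost|127.*|::1|"[::1]"|_local_) echo loopback ;;
    *) echo exposed ;;
  esac
)

# Check the three bind keys this guide writes; exit status 1 if any needs review.
audit_elk_binds() (  # usage: audit_elk_binds ES_YML KIBANA_YML
  rc=0
  for key in network.host transport.host server.host; do
    case "$key" in server.host) file=$2 ;; *) file=$1 ;; esac
    st=$(bind_status "$file" "$key")
    printf '%-9s %s in %s\n' "$st" "$key" "$file"
    case "$st" in exposed|duplicate) rc=1 ;; esac
  done
  exit "$rc"
)

# Constructed sample files mirroring what the echo >> steps in the guide produce.
demo() (
  d=$(mktemp -d) || exit 2
  printf 'network.host: localhost\ntransport.host: localhost\n' > "$d/es.yml"
  printf '#server.host: "localhost"\nserver.host: elk01.example.internal\n' > "$d/kibana.yml"
  audit_elk_binds "$d/es.yml" "$d/kibana.yml"; rc=$?
  rm -rf "$d"; exit "$rc"
)
demo || echo "review the exposed/duplicate entries above"
```

On a real host, call audit_elk_binds /etc/elasticsearch/elasticsearch.yml /etc/kibana/kibana.yml as a user that can read both files.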
