How to Install ELK on Ubuntu 20.04

Elasticsearch, Logstash, Kibana (ELK) allows for managing large amounts of log data on Ubuntu 20.04 Focal Fossa. The ELK stack combines Elasticsearch, Logstash, and Kibana, which are open source tools that work in tandem to provide you with the ability to manage log data from a convenient graphical web interface.

I’ll show you the steps required to get ELK up and running on your Ubuntu 20.04 system.

CategoryRequirements UsedSystemUbuntu 20.04SoftwareELK, Nginx,openjdk-11-jdk, wget, apt-transport-https, curl, gpgv, gpgsm, gnupg-l10n, gnupg, dirmngrUpdate and Upgrade Distro

apt-get update -y apt-get upgrade -y

bashInstall Required Dependencies apt-get install openjdk-11-jdk wget apt-transport-https curl gpgv gpgsm gnupg-l10n gnupg dirmngr -y

Install and Configure Java sudo apt -y install openjdk-11-jdk

export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64


Add Elastic Repository

Download and install the PGP Key using wget command. wget -qO — | sudo apt-key add -

Next is to add the Elasticsearch repository to the system: echo “deb stable main” | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

Install Elasticsearch Update the apt packages and install the Elasticsearch by issuing the following command:

apt-get update apt-get install elasticsearch -y

sudo systemctl stop elasticsearch

systemctl enable elasticsearch

Configure Elasticsearch Add echo ‘ localhost’ >> /etc/elasticsearch/elasticsearch.yml

Add Transport TCP Port echo ‘transport.tcp.port: 9300’ >> /etc/elasticsearch/elasticsearch.yml

Add echo ‘ localhost’ >> /etc/elasticsearch/elasticsearch.yml

Add http.port echo ‘http.port: 9200’ >> /etc/elasticsearch/elasticsearch.yml

Add discovery.type echo ‘discovery.type: single-node’ >> /etc/elasticsearch/elasticsearch.yml

Add setup.ilm.overwrite echo ‘setup.ilm.overwrite: true’ >> /etc/elasticsearch/elasticsearch.yml

Add JVM heap echo ‘-Xms512m’ >> /etc/elasticsearch/jvm.options

echo ‘-Xmx512m’ >> /etc/elasticsearch/jvm.options

Reload and Start Elasticsearch

Start Elasticsearch at system startup: systemctl daemon-reload systemctl start elasticsearch systemctl restart elasticsearch

Elasticsearch Status systemctl status elasticsearch


Logstash Install Logstash sudo apt install logstash -y

Start Logstash at system startup: systemctl daemon-reload systemctl enable logstash systemctl start logstash

Logstash Status systemctl status logstash


Kibana Install Kibana sudo apt install kibana -y

systemctl stop kibana

systemctl enable kibana

Configure Kibana Add Server.port echo -e “server.port: 5601” >> /etc/kibana/kibana.yml

Add echo -e “ $HOSTNAME” >> /etc/kibana/kibana.yml

Add Elasticsearch.hosts echo -e ‘elasticsearch.hosts: [“http://localhost:9200"]' >> /etc/kibana/kibana.yml

Reload and Start Kibana systemctl daemon-reload

systemctl start kibana

Kibana Status

Start Kibana at system startup: systemctl status kibana


Access Kibana http://:5601



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Austin Songer

Austin Songer

Trusted Veteran | Compassionate. Aspiring. Resourceful.