
Install Elastic Stack


Elastic Stack is a platform for distributed search and real-time data analysis. It consists of Elasticsearch as the distributed search and analytics engine, Logstash for collecting, aggregating, and enriching data before storing it in Elasticsearch, and Kibana for visualizing the data and for managing and monitoring the stack.

Install Elasticsearch

Download and install the Elasticsearch public signing key.

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Create the file elasticsearch.repo in the /etc/yum.repos.d/ directory and edit it as follows.

[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Install Elasticsearch.

yum -y install elasticsearch
--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : Ynlk8LLKEr3umo3f=XBJ

Start the Elasticsearch service.

systemctl daemon-reload
systemctl enable --now elasticsearch

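To check that Elasticsearch is running, query it over HTTPS. $ELASTIC_PASSWORD is a shell variable holding the elastic password generated during installation.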

curl --cacert /etc/elasticsearch/certs/http_ca.crt \
-u elastic:$ELASTIC_PASSWORD \
https://localhost:9200
{
  "name" : "elastic.srv1.host",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "w52m7QtoRKWsFd-diF_B2w",
  "version" : {
    "number" : "8.10.4",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "b4a62ac808e886ff032700c391f45f1408b2538c",
    "build_date" : "2023-10-11T22:04:35.506990650Z",
    "build_snapshot" : false,
    "lucene_version" : "9.7.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

Install Kibana

Install Kibana.

yum -y install kibana

Then start the Kibana service.

systemctl daemon-reload
systemctl enable --now kibana

Generate an enrollment token for Kibana with elasticsearch-create-enrollment-token.

/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
eyJ2ZXIiOiI4LjEwLjQiLCJhZHIiOlsiMTkyLjE2OC4xNjAuMzQ6OTIwMCJdLCJmZ3IiOiI1ZTd........

Open Kibana in a browser and enter the token.

Next, you will be asked for a verification code.

To get the code, run the following command.

/usr/share/kibana/bin/kibana-verification-code

After verification, wait for the process to finish.

Test logging in to Kibana with the Elasticsearch user and password.
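
The enrollment token generated above is base64-encoded JSON: its visible prefix decodes to the fields ver, adr and fgr. The following added example (not part of the original post) decodes a token, checks fgr against the SHA-256 fingerprint of the HTTP CA certificate, and redacts the API key before printing anything. It assumes a fourth field named key in the form id:secret and that fgr is the fingerprint of /etc/elasticsearch/certs/http_ca.crt; the sample token and certificate bytes are constructed.

```python
import base64
import hashlib
import json
import ssl


def decode_enrollment_token(token: str) -> dict:
    """Decode the base64 JSON body of an enrollment token."""
    raw = token.strip()
    raw += "=" * (-len(raw) % 4)  # tolerate a copy that lost its padding
    fields = json.loads(base64.b64decode(raw))
    # "key" is assumed here; ver/adr/fgr are visible in the page's token prefix.
    missing = {"ver", "adr", "fgr", "key"} - fields.keys()
    if missing:
        raise ValueError(f"token is missing fields: {sorted(missing)}")
    return fields


def ca_fingerprint(pem: str) -> str:
    """SHA-256 over the DER bytes of a PEM certificate, lowercase hex."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem.strip())).hexdigest()


def check_token(token: str, ca_pem: str) -> dict:
    """Return a summary safe to log; raise if the token names another CA."""
    fields = decode_enrollment_token(token)
    fgr = fields["fgr"].replace(":", "").lower()
    if fgr != ca_fingerprint(ca_pem):
        raise ValueError("token fingerprint does not match the CA certificate")
    key_id = fields["key"].split(":", 1)[0]
    return {"ver": fields["ver"], "adr": fields["adr"], "fgr": fgr,
            "key": key_id + ":<redacted>"}  # never print the API key secret


# Constructed sample data: placeholder bytes stand in for a real certificate.
SAMPLE_CA_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in for http_ca.crt")
SAMPLE_TOKEN = base64.b64encode(json.dumps({
    "ver": "8.10.4",
    "adr": ["192.0.2.10:9200"],
    "fgr": ca_fingerprint(SAMPLE_CA_PEM),
    "key": "sample-id:sample-secret",
}).encode()).decode()

if __name__ == "__main__":
    print(check_token(SAMPLE_TOKEN, SAMPLE_CA_PEM))
```

On a real node, pass the token string and the contents of /etc/elasticsearch/certs/http_ca.crt to check_token. Because the token carries an API key, treat it like a password until it has been used.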

Logstash

From the Kibana dashboard, click Add integration and search for Logstash.

Click Add Logstash.

Give the integration a name and leave the other options at their defaults.

In the Add agent section, choose Run standalone, then follow the agent installation steps on the server to be monitored.

After elastic-agent is installed, edit elastic-agent.yml to match the policy you received during Add agent.

Start the elastic-agent service.

systemctl start elastic-agent

Check the dashboard to confirm that data is being retrieved and collected.
