@DanielBerman
Last active May 3, 2021 22:00
ELK on Ubuntu Quick Install
---------------------------
#Elasticsearch
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get update
sudo apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
sudo apt-get update && sudo apt-get install elasticsearch
sudo su
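vim /etc/elasticsearch/elasticsearch.yml
# Settings to add to elasticsearch.yml:
# 0.0.0.0 binds to every interface; use only behind a firewall or NAT, or set a private interface address instead
network.host: "0.0.0.0"
http.port: 9200
cluster.initial_master_nodes: ["PrivateIP"]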
sudo service elasticsearch start
sudo curl http://localhost:9200
#Logstash
sudo apt-get install default-jre
sudo apt-get install logstash
#Kibana
sudo apt-get install kibana
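sudo vim /etc/kibana/kibana.yml
# Settings to add to kibana.yml:
server.port: 5601
# 0.0.0.0 listens on every interface; use only behind a firewall or NAT
server.host: "0.0.0.0"
# Kibana 7.x reads elasticsearch.hosts (elasticsearch.url was removed in 7.0)
elasticsearch.hosts: ["http://localhost:9200"]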
sudo service kibana start
#Metricbeat
sudo apt-get install metricbeat
sudo service metricbeat start
#Filebeat
sudo apt-get install filebeat
sudo service filebeat start

slothentic commented Jun 21, 2020

This kind of stuff is why data keeps getting leaked from ElasticSearch:

vim /etc/elasticsearch/elasticsearch.yml
  network.host: "0.0.0.0"

WARNING: if you don't have a firewall, your ElasticSearch is completely wide open now to the entire world with that setting. ElasticSearch does not have any security built into it, you must secure it on your own. The above line is inherently insecure.

It would be appreciated if the author could comment that line and provide an explanation.

There are many ways to protect ES, such as reverse proxying it or listening on a private interface. The above should only be used on a firewalled or NATed connection.

Thanks for the script though, otherwise it's great.
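
Added example, not part of the gist or of the comment above: a shell check that reads the bind address from elasticsearch.yml or kibana.yml and flags the wildcard setting the comment warns about. The function names and the sample files are constructed for illustration, and only scalar values are handled.

```sh
#!/bin/sh
# Added example (not part of the gist): flag wildcard bind addresses in
# elasticsearch.yml / kibana.yml. Sample configs below are constructed.

# get_setting FILE KEY: print the value of the last uncommented "KEY: value" line.
get_setting() {
  awk -v key="$2" -v sq="'" '
    /^[ \t]*#/ { next }                           # skip comment lines
    {
      n = index($0, ":"); if (n == 0) next        # split on the first colon only
      k = substr($0, 1, n - 1); v = substr($0, n + 1)
      sub(/[ \t]+#.*$/, "", v)                    # drop a trailing comment
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      gsub(/"/, "", v); gsub(sq, "", v)           # strip YAML quotes
      if (k == key) val = v
    }
    END { print val }' "$1"
}

# classify_bind VALUE: wildcard | loopback | other
classify_bind() {
  case "$1" in
    0.0.0.0|::|"[::]")              echo wildcard ;;  # every interface
    ""|localhost|127.*|::1|_local_) echo loopback ;;  # unset = loopback default
    *)                              echo other ;;     # specific address: check it is private
  esac
}

# audit_bind FILE KEY: print a finding; exit status 1 when the bind is a wildcard.
audit_bind() {
  value=$(get_setting "$1" "$2")
  class=$(classify_bind "$value")
  echo "$1: $2=${value:-<unset>} -> $class"
  [ "$class" != wildcard ]
}

# Demo on constructed files mirroring the gist's settings.
demo=$(mktemp -d)
printf '%s\n' 'network.host: "0.0.0.0"' 'http.port: 9200' > "$demo/elasticsearch.yml"
printf '%s\n' 'server.port: 5601' '#server.host: "0.0.0.0"' > "$demo/kibana.yml"
audit_bind "$demo/elasticsearch.yml" network.host || echo "  restrict network.host or firewall port 9200"
audit_bind "$demo/kibana.yml" server.host || echo "  restrict server.host or firewall port 5601"
rm -rf "$demo"
```

On a real host, point `audit_bind` at `/etc/elasticsearch/elasticsearch.yml` and `/etc/kibana/kibana.yml`; a non-zero exit status makes it usable as a provisioning or CI gate.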
