Last active
May 3, 2021 22:00
-
-
Save DanielBerman/176ee6f8395b6510ad11d4569fa8b971 to your computer and use it in GitHub Desktop.
ELK on Ubuntu Quick Install
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ELK on Ubuntu Quick Install | |
--------------------------- | |
#Elasticsearch | |
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - | |
sudo apt-get update | |
sudo apt-get install apt-transport-https | |
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list | |
sudo apt-get update && sudo apt-get install elasticsearch | |
sudo su | |
vim /etc/elasticsearch/elasticsearch.yml | |
network.host: "0.0.0.0" | |
http.port:9200 | |
cluster.initial_master_nodes: ["PrivateIP"] | |
sudo service elasticsearch start | |
sudo curl http://localhost:9200 | |
#Logstash | |
sudo apt-get install default-jre | |
sudo apt-get install logstash | |
#Kibana | |
sudo apt-get install kibana | |
sudo vim /etc/kibana/kibana.yml | |
server.port: 5601 | |
server.host: "0.0.0.0" | |
elasticsearch.url: "http://localhost:9200" | |
sudo service kibana start | |
#Metricbeat | |
sudo apt-get install metricbeat | |
sudo service metricbeat start | |
#Filebeat | |
sudo apt-get install filebeat | |
sudo service filebeat start | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This kind of stuff is why data keeps getting leaked from ElasticSearch:
WARNING: if you don't have a firewall, your ElasticSearch is completely wide open now to the entire world with that setting. ElasticSearch does not have any security built into it, you must secure it on your own. The above line is inherently insecure.
It would be appreciated if the author could comment that line and provide an explanation
There are many ways to protect ES, such as reverse proxying it, or listening on a private interface, the above should only be used on a firewalled or natted connection.
Thanks for the script though, otherwise its great