Elk stack Installation
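# Refresh the package index and apply pending upgrades. Each command needs its
# own sudo: in "sudo a && b" only "a" runs as root, so the upgrade would fail
# for a non-root user.
sudo apt update && sudo apt -y upgrade
sudo apt install apt-transport-https software-properties-common wget

# NOTE(review): a PPA is a third-party repository whose packages are installed
# with root privileges; confirm this one is still maintained and trusted
# before adding it.
sudo add-apt-repository ppa:webupd8team/java
sudo apt update
sudo apt install oracle-java8-installer

# Version check: the output should report java version "1.8.0_131".
java -version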
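# Import the Elastic package-signing key. apt trusts every package signed with
# it, so compare its fingerprint (shown by `apt-key fingerprint`) with the one
# published in Elastic's installation documentation before installing.
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get install apt-transport-https

# Write, rather than append to, the dedicated list file so that re-running
# this step does not duplicate the repository entry.
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-6.x.list
sudo apt-get update && sudo apt-get install elasticsearch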
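# Install the editor before its first use below.
sudo apt-get install nano

# Uncomment `network.host: localhost` so Elasticsearch listens on loopback
# only. Nothing in these notes configures authentication for Elasticsearch
# itself, so it should not be reachable from other hosts.
sudo nano /etc/elasticsearch/elasticsearch.yml

sudo apt install kibana

# In kibana.yml set:
#   server.host: "localhost"
# Kibana is then reachable only from this host; outside access goes through
# the nginx proxy configured later in these notes.
sudo nano /etc/kibana/kibana.yml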
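sudo apt-get install nginx

# Create the basic-auth entry for user "admin". With no password argument
# openssl prompts for the password, which keeps it out of the shell history
# and the process list; choose a strong one rather than a placeholder.
# The entry is written only if hashing succeeded, so a failed prompt cannot
# leave an "admin:" line with an empty hash in the file. tee's stdout is
# discarded so the hash is not echoed to the terminal.
if kibana_hash=$(openssl passwd -apr1); then
  printf 'admin:%s\n' "$kibana_hash" | sudo tee -a /etc/nginx/htpasswd.kibana >/dev/null
fi
unset kibana_hash

# Only nginx needs to read the hash file. www-data is the worker user of the
# stock Debian/Ubuntu package; adjust the group if this install differs.
sudo chown root:www-data /etc/nginx/htpasswd.kibana
sudo chmod 640 /etc/nginx/htpasswd.kibana

# Remove the default site so that it does not compete with the Kibana site.
sudo rm -f /etc/nginx/sites-enabled/default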
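#### Creating SSL keys ###
# Work inside ~/keys so the files end up at the paths listed further down
# (creating the directory without entering it leaves them in the home
# directory instead).
mkdir -p ~/keys && chmod 700 ~/keys && cd ~/keys

# Generate the unencrypted 2048-bit RSA key directly instead of creating a
# passphrase-protected key and stripping the passphrase afterwards. The
# subshell's umask makes the key owner-readable only from the moment it exists.
(umask 077 && openssl genrsa -out server.key 2048)

# Certificate signing request, then a self-signed certificate valid for 365
# days. Clients cannot validate a self-signed certificate on their own, so
# distribute or pin server.crt for anyone who must trust this endpoint.
openssl req -new -key server.key -out server.csr
openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt

## Change the IP address and the certificate paths
# In the server blocks, set server_name to this host's address and point
# ssl_certificate / ssl_certificate_key at the files generated above:
#   /home/NAMEOFCOMPUTER/keys/server.crt
#   /home/NAMEOFCOMPUTER/keys/server.key
sudo nano /etc/nginx/sites-available/kibana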
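# Redirect every plain-HTTP request to the HTTPS listener.
server {
    listen 80 default_server;
    server_name IP_ADRESS;  # placeholder: replace with this host's address
    return 301 https://$server_name$request_uri;
}

# TLS endpoint: basic authentication in front of Kibana on loopback port 5601.
server {
    listen 443 default_server ssl http2;
    server_name IP_ADRESS;  # placeholder: replace with this host's address

    # Placeholder pair from the distribution's ssl-cert package. Replace both
    # paths with the certificate and key generated for this host.
    ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
    # Refuse the legacy protocol versions that an http-level default may allow.
    ssl_protocols TLSv1.2;
    ssl_session_cache shared:SSL:10m;

    # Every request must carry credentials from the htpasswd file.
    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.kibana;

    location / {
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        # Pass connection-upgrade requests through to Kibana.
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}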
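# Enable the site; -f replaces an existing link so the step can be re-run.
sudo ln -sf /etc/nginx/sites-available/kibana /etc/nginx/sites-enabled/kibana

# The configuration test should report success before anything is restarted.
sudo nginx -t

sudo apt install logstash
sudo apt update && sudo apt install filebeat
sudo /usr/share/elasticsearch/bin/elasticsearch-plugin install ingest-geoip && sudo /usr/share/elasticsearch/bin/elasticsearch-plugin install ingest-user-agent

sudo systemctl enable elasticsearch && sudo systemctl enable kibana

# nginx is restarted rather than started so that an instance already running
# from the package install picks up the new site configuration.
sudo systemctl start elasticsearch && sudo systemctl start kibana && sudo systemctl restart nginx

# Reference commands for later use. They are commented out because running
# these notes from top to bottom would otherwise end with the stack stopped.
# sudo systemctl restart elasticsearch && sudo systemctl restart kibana && sudo systemctl restart nginx
# sudo systemctl stop elasticsearch && sudo systemctl stop kibana && sudo systemctl stop nginx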
# Sources:
# https://www.rosehosting.com/blog/install-and-configure-the-elk-stack-on-ubuntu-16-04/
# https://devcenter.heroku.com/articles/ssl-certificate-self