Skip to content

Instantly share code, notes, and snippets.

@markwalkom

markwalkom/Step 1 - Elasticsearch and Kibana.md

Last active April 26, 2017 23:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save markwalkom/21ee5e17baa8a899ce36ac7bb2a858e1 to your computer and use it in GitHub Desktop.
Save markwalkom/21ee5e17baa8a899ce36ac7bb2a858e1 to your computer and use it in GitHub Desktop.
Download ZIP
Monitoring Your Elastic Stack, with Beats
Raw
Step 1 - Elasticsearch and Kibana.md

Download

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.3.1.tar.gz
wget https://artifacts.elastic.co/downloads/kibana/kibana-5.3.1-darwin-x86_64.tar.gz
wget https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-5.3.1.zip

Extract

tar zxf elasticsearch-5.3.1.tar.gz
tar zxf kibana-5.3.1-darwin-x86_64.tar.gz

Install X-Pack

Make sure you update the path to the file, it must be absolute.

elasticsearch-5.3.1/bin/elasticsearch-plugin install file:///Users/mark/Workspace/Webinar/x-pack-5.3.1.zip
kibana-5.3.1-darwin-x86_64/bin/kibana-plugin install file:///Users/mark/Workspace/Webinar/x-pack-5.3.1.zip

Start

elasticsearch-5.3.1/bin/elasticsearch
kibana-5.3.1-darwin-x86_64/bin/kibana
Raw
Step 2 - Logstash.md

Download

wget https://artifacts.elastic.co/downloads/logstash/logstash-5.3.1.tar.gz

Extract

tar zxf logstash-5.3.1.tar.gz

Install X-Pack

Make sure you update the path to the file, it must be absolute.

logstash-5.3.1/bin/logstash-plugin install file:///Users/mark/Workspace/Webinar/x-pack-5.3.1.zip

Config

Use vim/nano/atom etc to edit the logstash.conf file.

xpack.monitoring.elasticsearch.url: ["http://localhost:9200"] 
xpack.monitoring.elasticsearch.username: "logstash_system" 
xpack.monitoring.elasticsearch.password: "changeme

Start

logstash-5.3.1/bin/logstash -e 'input { stdin{} } filter {} output { elasticsearch { user => "elastic" password => "changeme" } }'
Raw
Step 3 - Metricbeat.md

Download

wget https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-5.3.1-darwin-x86_64.tar.gz
wget https://artifacts.elastic.co/downloads/beats/beats-dashboards/beats-dashboards-5.3.1.zip

Extract

tar zxf metricbeat-5.3.1-darwin-x86_64.tar.gz

Import dashboards

See https://www.elastic.co/guide/en/x-pack/current/beats.html for more info.

metricbeat-5.3.1-darwin-x86_64/scripts/import_dashboards -user elastic -pass changeme -file beats-dashboards-5.3.1.zip

Start

metricbeat-5.3.1-darwin-x86_64/metricbeat -c metricbeat-5.3.1-darwin-x86_64/metricbeat.yml
Raw
Step 4 - Metricbeat and Logstash.md

Update config

Update the output to use Logstash instead of directly to Elasticsearch. Make sure you include auth details!

Use vim/nano/atom etc.

vim metricbeat-5.3.1-darwin-x86_64/metricbeat.yml

Start

logstash-5.3.1/bin/logstash -e 'input { beats { port => 5044 } } filter {} output { elasticsearch { hosts => "localhost:9200" manage_template => false index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}" document_type => "%{[@metadata][type]}" } }'
metricbeat-5.3.1-darwin-x86_64/metricbeat -c metricbeat-5.3.1-darwin-x86_64/metricbeat.yml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment