Ubuntu 16.04 - Elastic ELK Installation
#!/usr/bin/env bash
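# Oracle JDK release to fetch (8u161, build b12) and the RPM file name it maps to.
# This section uses rpm/yum, so it targets an RPM-based host.
java_base_version="8"
java_sub_version="161"
java_base_build="12"
java_version="${java_base_version}u${java_sub_version}"
java_build="b${java_base_build}"
java_version_with_build="${java_version}-${java_build}"
java_rpm="jdk-${java_version}-linux-x64.rpm"
# Optional integrity pin: export java_rpm_sha256 with the SHA-256 that Oracle
# publishes for this RPM. No value is hard-coded here because the page that
# carried this script does not list one.
java_rpm_sha256="${java_rpm_sha256:-}"

# The RPM is installed as root below, so fetch it over HTTPS and leave
# certificate validation on (no --no-check-certificate): a tampered download
# would otherwise run its package scripts with full privileges.
# NOTE(review): assumes download.oracle.com serves this path over HTTPS - confirm.
# -O pins the output name so a stale copy from an earlier run is never installed.
java_ready=0
if wget --no-cookies \
  --header "Cookie: gpw_e24=xxx; oraclelicense=accept-securebackup-cookie;" \
  -O "${java_rpm}" \
  "https://download.oracle.com/otn-pub/java/jdk/${java_version_with_build}/2f38c3b165be4555a1fa6e98c45e0808/${java_rpm}" \
  && [ -f "${java_rpm}" ]
then
  if [ -z "${java_rpm_sha256}" ]
  then
    echo "warning: java_rpm_sha256 is not set; ${java_rpm} will be installed without a checksum check" >&2
    java_ready=1
  elif echo "${java_rpm_sha256}  ${java_rpm}" | sha256sum -c - > /dev/null
  then
    java_ready=1
  else
    echo "checksum mismatch for ${java_rpm}" >&2
  fi
fi

if [ "${java_ready}" -eq 1 ]
then
  sudo rpm -i "${java_rpm}"
  java -version
  # Import Elastic's signing key so yum can verify packages (gpgcheck=1 below).
  sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  cat << EOF | sudo tee -a /etc/yum.repos.d/logstash.repo
[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF
  sudo yum install logstash -y
else
  # Diagnostics go to stderr so they are not mixed into captured output.
  echo "Can't install java" >&2
fi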
# Install Amazon ES Output plugin
# sudo /usr/share/logstash/bin/logstash-plugin install logstash-output-amazon_es
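# Add the WebUpd8 Java PPA. This is a third-party PPA, not an Oracle or Ubuntu
# archive: packages it publishes are installed as root, so it is part of the
# host's trust base. -y keeps the step unattended like the apt-get calls below.
sudo add-apt-repository -y ppa:webupd8team/java
# Trust Elastic's package signing key. apt-key adds it to the global keyring,
# so it is accepted for every configured repository, not only Elastic's.
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get -y install apt-transport-https
# Add elastic repo
echo 'deb https://artifacts.elastic.co/packages/5.x/apt stable main' | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
sudo apt-get -y update
# Pre-accept the Oracle licence prompt. debconf-set-selections writes the system
# debconf database, so it needs root like every other step in this script.
echo 'oracle-java8-installer shared/accepted-oracle-license-v1-1 select true' | sudo debconf-set-selections
sudo apt-get -y install git-all unzip libwww-perl libdatetime-perl oracle-java8-installer elasticsearch logstash kibana elasticsearch-curator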
# Register the three ELK services to start at boot.
sudo /bin/systemctl daemon-reload
for elk_service in elasticsearch logstash kibana; do
  sudo /bin/systemctl enable "${elk_service}.service"
done
# Lift the locked-memory limit (soft and hard) for the elasticsearch user.
for limit_kind in soft hard; do
  echo "elasticsearch ${limit_kind} memlock unlimited" | sudo tee -a /etc/security/limits.conf
done
# Install the X-Pack plugin into each component of the stack.
sudo /usr/share/elasticsearch/bin/elasticsearch-plugin install x-pack
sudo /usr/share/kibana/bin/kibana-plugin install x-pack
sudo /usr/share/logstash/bin/logstash-plugin install x-pack
# Append the X-Pack feature switches to the Elasticsearch configuration.
# SECURITY: xpack.security.enabled: false turns off X-Pack authentication,
# role-based access control and TLS. Any client that can reach the
# Elasticsearch HTTP port can then read, change or delete data without
# credentials. This script does not touch the network settings, so keep the
# node bound to loopback or behind a firewall, or enable security and set
# passwords before exposing it.
cat << 'EOF' | sudo tee -a /etc/elasticsearch/elasticsearch.yml
# X-Pack
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: true
#xpack.reporting.enabled: false
xpack.security.enabled: false
xpack.watcher.enabled: false
EOF
# Logstash - only needed when Elasticsearch is not hosted on http://localhost:9200.
# The example URL is plain HTTP, so monitoring data sent to a remote host would
# cross the network unencrypted.
# echo "xpack.monitoring.elasticsearch.url: http://elasticsearch_host:9200" | sudo tee -a /etc/logstash/logstash.yml
# List the program directories installed for Elasticsearch, Logstash and Kibana.
for elk_home in /usr/share/elasticsearch /usr/share/logstash /usr/share/kibana; do
  ls -l "${elk_home}"
done
# List the configuration locations for each component, in the same order:
# the /etc/<name> directory first, then its /etc/default/<name> entry.
for elk_name in elasticsearch logstash kibana; do
  ls -l "/etc/${elk_name}"
  ls -l "/etc/default/${elk_name}"
done