@zebde
Last active July 23, 2022 04:28
ELK Setup Script
#!/bin/bash
# ---------------------------------------------------------------------------
# elksetup.sh - Ubuntu 14.04 based ELK installation script
# Copyright 2015, https://github.com/zebde
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License at <http://www.gnu.org/licenses/> for
# more details.
# Usage: elksetup.sh
# Usage: bash -c "$(curl -fsSL https://gist.github.com/zebde/aa8bca77de96b00bfc136807f1769b3a/raw/001-elksetup.sh)"
# ---------------------------------------------------------------------------
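# Stop at the first failed step, unset variable or failed pipeline stage, so
# that a truncated or missing download is never installed and started as root.
set -euo pipefail

# NOTE(review): the "bash -c $(curl ...)" form in the usage header runs whatever
# the gist serves at that moment, unread and unpinned. Downloading the script,
# reading it and then running the local copy is the safer way to use it.
# NOTE(review): Ubuntu 14.04, Elasticsearch 2.x and Kibana 4.3.0 are old
# releases; check whether they still receive security updates before
# deploying this anywhere that matters.

## General Tidiness
sudo apt-get -y install software-properties-common python-software-properties
# NOTE(review): third-party PPA; everything it ships is installed as root.
sudo add-apt-repository -y ppa:webupd8team/java
# The signing key is the trust anchor for every package from the repository
# below, so it is fetched over HTTPS rather than plain HTTP. The package
# lists themselves are signature-checked by apt against this key.
wget -O - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
# Overwrite instead of append so a second run does not duplicate the entry.
echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee /etc/apt/sources.list.d/elasticsearch-2.x.list
##echo "deb http://packages.elastic.co/logstash/2.1/debian stable main" | sudo tee -a /etc/apt/sources.list.d/logstash.list
sudo apt-get -y update
sudo apt-get -y upgrade

## Get Java RE
echo debconf shared/accepted-oracle-license-v1-1 select true | sudo debconf-set-selections
echo debconf shared/accepted-oracle-license-v1-1 seen true | sudo debconf-set-selections
sudo apt-get -y install oracle-java8-installer
# Append JAVA_HOME only once, so re-running the script does not pile up lines.
if ! grep -q '^JAVA_HOME=' /etc/environment; then
  echo 'JAVA_HOME=/usr/lib/jvm/java-8-oracle/' | sudo tee -a /etc/environment >/dev/null
fi

## Get the core
### Logstash
##sudo apt-get install logstash

### Elasticsearch
sudo apt-get -y install elasticsearch
##### setup the rc.d defaults for the service and restart it
sudo update-rc.d elasticsearch defaults 95 10
sudo service elasticsearch start

### Kibana
readonly kibana_release="kibana-4.3.0-linux-x64"
readonly kibana_config="/srv/www/kibana/config/kibana.yml"
sudo mkdir -p /srv/www
# Download into a private directory. With a fixed name under /tmp, a file
# planted there beforehand by another local user would make wget save under a
# different name, and root would then unpack the planted archive instead.
download_dir=$(mktemp -d)
trap 'rm -rf -- "${download_dir:?}"' EXIT
wget -P "$download_dir" "https://download.elastic.co/kibana/kibana/${kibana_release}.tar.gz"
# The archive is otherwise authenticated by TLS only. If KIBANA_SHA256 is set
# to a digest obtained from a trusted source, check it before unpacking.
if [[ -n "${KIBANA_SHA256:-}" ]]; then
  printf '%s  %s\n' "$KIBANA_SHA256" "$download_dir/${kibana_release}.tar.gz" | sha256sum -c -
fi
sudo tar xf "$download_dir/${kibana_release}.tar.gz" -C /srv/www/
sudo mv "/srv/www/${kibana_release}" /srv/www/kibana
# NOTE(review): the init script fetched below starts Kibana as root, so a tree
# owned by www-data lets that account change code that later runs as root.
sudo chown -R www-data:www-data /srv/www/kibana
# Bind Kibana to loopback so that nginx (and its basic auth) is the only way
# in. The shipped setting may be commented out and named "server.host"
# (TODO confirm for this release), in which case a plain substitution would
# leave it commented; this expression also uncomments it.
sudo sed -i -r 's/^[#[:space:]]*((server\.)?host):[[:space:]]*"0\.0\.0\.0"/\1: "localhost"/' "$kibana_config"
# Fail closed: do not start Kibana unless the loopback binding is active.
if ! sudo grep -Eq '^(server\.)?host:[[:space:]]*"localhost"' "$kibana_config"; then
  echo "No active host: \"localhost\" setting in $kibana_config; not starting Kibana on all interfaces" >&2
  exit 1
fi
# NOTE(review): this URL is not pinned to a gist revision, so the file that
# ends up executable in /etc/init.d is whatever the gist holds at install
# time. Pin a reviewed revision or ship the file alongside this script.
sudo wget -O /etc/init.d/kibana https://gist.githubusercontent.com/zebde/aa8bca77de96b00bfc136807f1769b3a/raw/003-kibana.script
sudo chmod +x /etc/init.d/kibana
sudo update-rc.d kibana defaults 96 9
sudo service kibana start

### TimeLion
sudo /srv/www/kibana/bin/kibana plugin -i kibana/timelion
sudo service kibana restart

### NGINX
sudo apt-get -y install nginx apache2-utils
# 18 random bytes (24 base64 characters); the previous 6 bytes gave 48 bits.
p=$(openssl rand -base64 18)
# Pass the password on stdin (-i) rather than as an argument (-b), so it is
# not visible in the process list while htpasswd runs.
printf '%s\n' "$p" | sudo htpasswd -ic /etc/nginx/htpasswd.users kibanaadmin
# Only root and the nginx worker account (www-data on Ubuntu) need the hashes.
sudo chown root:www-data /etc/nginx/htpasswd.users
sudo chmod 640 /etc/nginx/htpasswd.users
# NOTE(review): same unpinned-gist concern as for the init script above.
sudo wget -O /etc/nginx/sites-available/elk.conf https://gist.githubusercontent.com/zebde/aa8bca77de96b00bfc136807f1769b3a/raw/002-elk.conf
# -f on both commands keeps a second run from failing on existing state.
sudo ln -sf /etc/nginx/sites-available/elk.conf /etc/nginx/sites-enabled/elk.conf
sudo rm -f /etc/nginx/sites-enabled/default
sudo service nginx restart

# NOTE(review): the site is served over plain HTTP on port 80, so the basic-auth
# credentials printed here cross the network unencrypted; put TLS in front of
# it before using it off a trusted network. The password also stays in the
# terminal scrollback and in any captured install log.
echo "-------------------------------------------"
echo "- ELK Setup Complete -"
echo "- -"
echo "- You can access kibana on port 80 -"
echo "- Username: kibanaadmin -"
echo "- Password: $p -"
echo "- -"
echo "-------------------------------------------"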
# Reverse proxy that puts HTTP basic authentication in front of the Kibana
# instance listening on localhost:5601.
# NOTE(review): the authentication only protects Kibana if port 5601 is not
# reachable directly, i.e. Kibana is bound to loopback or firewalled.
server {
# NOTE(review): plain HTTP. Basic-auth credentials are only base64-encoded, so
# they and the session content are readable on the network path; add a TLS
# listener (or keep this on a trusted network) before real use.
listen 80;
# Placeholder host name; replace with the name clients actually use.
server_name example.com;
auth_basic "Restricted Access";
# htpasswd-format file holding the permitted users and password hashes.
auth_basic_user_file /etc/nginx/htpasswd.users;
location / {
proxy_pass http://localhost:5601;
# HTTP/1.1 plus the Upgrade/Connection headers let protocol upgrades
# requested by the client pass through to the backend.
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
# Forward the original Host header to the backend.
proxy_set_header Host $host;
# Skip any configured proxy cache when the client sends an Upgrade header.
proxy_cache_bypass $http_upgrade;
}
}
#!/bin/sh
#
# /etc/init.d/kibana4 -- startup script for kibana4
# bsmith@the408.com 2015-02-20; used elasticsearch init script as template
# https://github.com/akabdog/scripts/edit/master/kibana4_init
#
### BEGIN INIT INFO
# Provides: kibana4
# Required-Start: $network $remote_fs $named
# Required-Stop: $network $remote_fs $named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts kibana4
# Description: Starts kibana4 using start-stop-daemon
### END INIT INFO
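# SysV init actions for Kibana: start, stop, status, restart/force-reload.
# Must be run as root; relies on the LSB helpers in /lib/lsb/init-functions.

# Configure this with wherever you unpacked kibana:
KIBANA_BIN=/srv/www/kibana/bin
# NAME has to be assigned before PID_FILE, which expands it. With the
# assignments the other way round the pid file path came out as /var/run/.pid.
NAME=kibana
DESC="Kibana"
PID_FILE=/var/run/$NAME.pid
PATH=/bin:/usr/bin:/sbin:/usr/sbin:$KIBANA_BIN
DAEMON=$KIBANA_BIN/kibana

if [ "$(id -u)" -ne 0 ]; then
  echo "You need root privileges to run this script"
  exit 1
fi

. /lib/lsb/init-functions

if [ -r /etc/default/rcS ]; then
  . /etc/default/rcS
fi

case "$1" in
  start)
    log_daemon_msg "Starting $DESC"
    pid=$(pidofproc -p "$PID_FILE" kibana)
    if [ -n "$pid" ]; then
      log_begin_msg "Already running."
      log_end_msg 0
      exit 0
    fi
    # Start Daemon
    # NOTE(review): no --chuid is given, so the daemon runs as root. If the
    # install tree under KIBANA_BIN is owned by an unprivileged account, that
    # account can replace code that root executes here; consider a dedicated
    # service user together with a root-owned install tree.
    start-stop-daemon --start --pidfile "$PID_FILE" --make-pidfile --background --exec "$DAEMON"
    log_end_msg $?
    ;;
  stop)
    log_daemon_msg "Stopping $DESC"
    if [ -f "$PID_FILE" ]; then
      start-stop-daemon --stop --pidfile "$PID_FILE" \
        --retry=TERM/20/KILL/5 >/dev/null
      # Save the status once: testing $? a second time would look at the
      # result of the first test, so the failure branch could never run.
      rc=$?
      case "$rc" in
        0)
          ;;
        1)
          log_progress_msg "$DESC is not running but pid file exists, cleaning up"
          ;;
        *)
          # Any other status (retry schedule exhausted, or another error)
          # means the process may still be alive: keep the pid file and fail.
          PID=$(cat "$PID_FILE")
          log_failure_msg "Failed to stop $DESC (pid $PID)"
          exit 1
          ;;
      esac
      rm -f "$PID_FILE"
    else
      log_progress_msg "(not running)"
    fi
    log_end_msg 0
    ;;
  status)
    # Exit with whatever status_of_proc reports.
    status_of_proc -p "$PID_FILE" kibana kibana
    exit $?
    ;;
  restart|force-reload)
    if [ -f "$PID_FILE" ]; then
      "$0" stop
      sleep 1
    fi
    "$0" start
    ;;
  *)
    log_success_msg "Usage: $0 {start|stop|restart|force-reload|status}"
    exit 1
    ;;
esac

exit 0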