

Machine on which we will install ELK should have Java version 8 installed on it as.

So make sure that Java OpenJDK version 1.8.0_* is installed and running, and in case it is not installed, then run the beneath yum command to

~]# yum install java-1.8.0-openjdk
~]# java -version
OpenJDK Runtime Environment (build 1.8.0_131-b12)

Set the Hostname and update /etc/hosts file

~]# hostnamectl set-hostname ""

Update /etc/hosts file

192.168.0.180 elk-stack

Installation Steps of ELK Stack

Elasticsearch

We will start by importing the GPG keys for elasticsearch; this key will also be shared with logstash & kibana.

To install elasticsearch,

~]# rpm --import

Now we will create a repo for the elasticsearch repository,

~]# vi /etc//elasticsearch.repo

Once the repository has been added, install elasticsearch using yum,

~]# yum install elasticsearch -y

Now we start the service & will also set it to start at boot time

~]# systemctl
~]# systemctl start
~]# systemctl enable elasticsearch

Allow the 9200 tcp port in the OS firewall. In case Firewall is running

~]# firewall-cmd --permanent --add-port 9200/tcp

We will now test elasticsearch to make sure that it's responding to queries

~]# curl -X GET

Output of above command should be something like below:

We will now add logstash repository,

~]# vi /etc//logstash.repo

Now install logstash,

~]# yum install logstash -y

Kibana

We will now create a repository for kibana,

~]# vi /etc//kibana.repo

name=Kibana repository for 4.5.x packages

Now install kibana using yum,

~]# yum install kibana -y

After installation, start service & enable it at boot time

~]# systemctl start
~]# systemctl enable kibana

Allow 5601 port in OS Firewall

~]# firewall-cmd --permanent --add-port
~]# firewall-cmd --reload

Next, we will access the webpage for kibana to make sure it's working. To do that, open web-browser & enter the following url

Installation of ELK stack is now complete & we will make the necessary configurations.

Configuration SSL certificate for logstash

After the logstash installation, we will now create a SSL certificate for securing communication between logstash & filebeat (clients). Since we will be using IP address to connect to server, we will create SSL certificate for IP SAN.

Before creating a SSL certificate, we will make an entry of our IP in openssl.cnf,

~]# vi /etc/pki/tls/openssl.cnf

And look for parameter with 'subjectAltName' under section & add your server IP to it,

subjectAltName = IP: 192.168.0.180

Now change the directory to /etc/ssl & create SSL certificate with 365 days validity,

~]# cd
ssl]# openssl req -x509 -days 365 -batch -nodes -newkey rsa:2048 -keyout logstash-forwarder.key -out logstash_frwrd.crt

Once the certificate is ready, this should be copied to all the clients using scp command.

We will now create a configuration file for logstash under the folder '/etc/logstash/conf.d'. This file will be divided into three sections i.e. input, filter & output section

~]# vi /etc/logstash/conf.d/nf

ssl_certificate => "/etc/ssl/logstash_frwrd.crt"
