Elasticsearch, Logstash & Kibana

Centralized Logging Using the ELK Stack

 

sudo apt update

sudo apt upgrade -y

sudo apt install htop git nginx curl unzip zip exif -y

sudo apt install libmcrypt-dev libjpeg-dev libpng-dev libfreetype6-dev libbz2-dev libzip-dev -y

 

Installing Java on Ubuntu

sudo apt-get install default-jre

java -version

 

Adding Elastic packages to your instance

curl -fsSL https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

 

sudo apt update

sudo apt install elasticsearch

 

sudo vim /etc/elasticsearch/elasticsearch.yml

. . .
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: localhost
. . .

 

sudo systemctl start elasticsearch

sudo systemctl enable elasticsearch

 

Check that Elasticsearch is running

sudo lsof -i -P -n | grep LISTEN | grep 9200

curl -XGET 'http://localhost:9200/_all/_search?q=*&pretty'

curl -X GET "localhost:9200"

 

 

Install Kibana

sudo apt install kibana

sudo systemctl enable kibana
sudo systemctl start kibana

sudo lsof -i -P -n | grep LISTEN | grep 5601

 

sudo vim /etc/nginx/sites-available/logs.skul.id

 

server {
    listen 80;

    server_name your_domain;

    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.users;

    location / {
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

 

sudo ln -s /etc/nginx/sites-available/logs.skul.id /etc/nginx/sites-enabled/logs.skul.id

sudo nginx -t

sudo systemctl reload nginx

http://your_domain/status
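
The two settings above that limit exposure are network.host: localhost in elasticsearch.yml and the auth_basic pair in the Nginx site. The check below is an added example, not part of the original notes; the function names and the constructed sample files are assumptions, and it reads the files line by line rather than fully parsing YAML or Nginx syntax.

```shell
#!/bin/sh
# Added example: line-based audit of the two exposure controls on this page.
# Function names and the sample files below are assumptions of this example.

# Pass only if every active network.host value is a loopback name. An unset
# network.host also passes: Elasticsearch then binds to loopback only.
es_bind_is_loopback() (
    [ -r "$1" ] || { echo "cannot read $1"; return 2; }
    value=$(sed -n 's/^[[:space:]]*network\.host:[[:space:]]*//p' "$1" |
            tail -n 1 | sed 's/[[:space:]]*#.*$//' | tr -d "\"'[] " | tr ',' ' ')
    for host in $value; do
        case "$host" in
            localhost|127.0.0.1|::1|_local_) ;;
            *) echo "elasticsearch: network.host exposes $host"; return 1 ;;
        esac
    done
)

# Pass only if the site enables auth_basic (not "off") and the file named by
# auth_basic_user_file exists and is non-empty.
nginx_site_requires_auth() (
    [ -r "$1" ] || { echo "cannot read $1"; return 2; }
    realm=$(sed -n 's/^[[:space:]]*auth_basic[[:space:]]\{1,\}\([^;]*\);.*/\1/p' "$1" | tail -n 1)
    users=$(sed -n 's/^[[:space:]]*auth_basic_user_file[[:space:]]\{1,\}\([^;]*\);.*/\1/p' "$1" | tail -n 1)
    case "$realm" in
        ''|off) echo "nginx: auth_basic is missing or off"; return 1 ;;
    esac
    [ -s "$users" ] || { echo "nginx: password file '$users' missing or empty"; return 1; }
)

# Demo on constructed files (not taken from a real host); both checks fail.
demo() (
    dir=$(mktemp -d) || return 2
    printf 'network.host: 0.0.0.0\n' > "$dir/elasticsearch.yml"
    printf 'server {\n  auth_basic "Restricted Access";\n  auth_basic_user_file %s;\n}\n' \
        "$dir/htpasswd.users" > "$dir/site.conf"
    es_bind_is_loopback "$dir/elasticsearch.yml" || true    # wildcard bind
    nginx_site_requires_auth "$dir/site.conf" || true       # password file never created
    rm -rf "$dir"
)
demo
```

On the host, point the functions at /etc/elasticsearch/elasticsearch.yml and /etc/nginx/sites-available/logs.skul.id. The steps above do not show creating /etc/nginx/htpasswd.users; one way is htpasswd -c from the apache2-utils package.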

 

Install Logstash

sudo apt install logstash

sudo systemctl start logstash

sudo systemctl enable logstash

 

Install filebeat

sudo apt install filebeat

sudo vim /etc/filebeat/filebeat.yml

 

 

https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elastic-stack-on-ubuntu-20-04

https://serverfault.com/questions/730622/how-to-format-log-data-before-forwarding-them-as-json-to-elasticsearch

https://flareapp.io/blog/30-how-we-use-elasticsearch-kibana-and-filebeat-to-handle-our-logs

https://devconnected.com/monitoring-linux-logs-with-kibana-and-rsyslog












