Installing Elasticsearch, Logstash, Kibana, Filebeat on CentOS 7
1. change to root
$ su -
2. download and install the public signing key:
$ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
3. create a .repo file in order to download from YUM
$ touch /etc/yum.repos.d/elasticsearch.repo
$ vim /etc/yum.repos.d/elasticsearch.repo
4. create a .repo file in order to download from YUM
$ touch /etc/yum.repos.d/logstash.repo
$ vim /etc/yum.repos.d/logstash.repo
5. as in step 4, create and edit /etc/yum.repos.d/kibana.repo
6. as in step 4, create and edit /etc/yum.repos.d/elastic.repo as well
7. yum install elasticsearch logstash kibana filebeat
8. systemctl enable elasticsearch.service
systemctl enable kibana.service
systemctl enable filebeat.service
9. systemctl restart elasticsearch.service
systemctl restart kibana.service
systemctl restart filebeat.service
10. firewall-cmd --permanent --add-port=5601/tcp
or
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.0.0/24' port port='5601' protocol='tcp' accept"
11. firewall-cmd --reload
12. modify /etc/kibana/kibana.yml
13. open Elastic Kibana in a browser -> choose to use my own data
14. monitor the system
$ filebeat modules enable system
$ filebeat modules enable auditd
$ filebeat -e setup
$ systemctl restart filebeat.service
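Added example, not part of the original notes: steps 3 to 6 do not show what goes into the .repo files, and the key imported in step 2 only protects the install if each repo section sets gpgcheck=1. The sketch below writes one repo definition in the form Elastic publishes for its RPM packages and audits a .repo file section by section. The function names and the MAJOR argument (the major version you install, which the notes do not state) are assumptions.

```sh
#!/bin/sh
# write_elastic_repo FILE MAJOR: create a yum repo definition that enforces
# the signing key from step 2. MAJOR is the Elastic major version to install;
# the notes do not name one, so it is a required argument.
write_elastic_repo() {
    cat > "$1" <<EOF
[elastic-$2.x]
name=Elastic repository for $2.x packages
baseurl=https://artifacts.elastic.co/packages/$2.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF
    chmod 0644 "$1"
}

# audit_repo FILE: print one line per finding and return non-zero if any
# [section] could install unverified packages. A missing gpgcheck is flagged
# because the section then depends on the [main] default in /etc/yum.conf.
audit_repo() {
    awk -v f="$1" '
        function report() {
            if (sec == "") return
            if (gpg != "1")           { print f ": [" sec "] gpgcheck is not 1"; bad++ }
            if (key !~ /^https:\/\//) { print f ": [" sec "] gpgkey missing or not https"; bad++ }
            if (url !~ /^https:\/\//) { print f ": [" sec "] baseurl missing or not https"; bad++ }
        }
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        /^\[/ {                                # new section: judge the previous one
            report()
            sec = substr($0, 2, index($0, "]") - 2)
            gpg = ""; key = ""; url = ""
            next
        }
        {
            i = index($0, "=")
            if (i == 0) next
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == "gpgcheck") gpg = v
            if (k == "gpgkey")   key = v
            if (k == "baseurl")  url = v
        }
        END { report(); exit (bad > 0) }
    ' "$1"
}
```

Source the file as root, then call audit_repo on each file in /etc/yum.repos.d/ before running step 7.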