Installing Elasticsearch, Logstash, Kibana, Filebeat on CentOS 7

1. change to root

$ su -

2. download and install the public signing key:

$ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

3. produce .repo files inorder to downlowd from YUM

$ touch /etc/yum.repos.d/elasticsearch.repo

$ vim /etc/yum.repos.d/elasticsearch.repo

 


 

 

 

 

 

4. produce .repo files inorder to downlowd from YUM

$ touch /etc/yum.repos.d/logstash.repo

$ vim /etc/yum.repos.d/logstash.repo 

 


 

 

 

 

 

5. Such as step 4 to edit /etc/yum.repos.d/kibana.repo






6. build as step 4 to edit /etc/yum.repos.d/elastic.repo also







7. yum install elasticsearch logstash kibana filebeat


8. systemctl enable elasticsearch.service

    systemctl enable kibana.service

    systemctl enable filebeat.service

9. systemctl restart elasticsearch.service

    systemctl restart kibana.service

    systemctl restart filebeat.service


10. firewall-cmd --permanent --add-port=5601/tcp

or

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.0.0/24' port port='5601' protocol='tcp accept"


11. firewall-cmd --reload


12. modify /etc/kibana/kibana.yml

 












13. open elastic kibana with browser -> choose the data my own












14.  monitoring system

$ filebeat modules enable system

$ filebeat modules enable auditd

$ filebeat -e setup

$ service restart filebeat.service


 

References

https://www.elastic.co/guide/en/kibana/current/rpm.html

https://www.elastic.co/downloads/elasticsearch

https://www.elastic.co/downloads/logstash

https://www.elastic.co/downloads/kibana


位置: 台灣

這個網誌中的熱門文章

Upgrade php and httpd(apache) on CentOS 7

圖片
1. for latest php from https://rpms.remirepo.net/ $ wget https://rpms.remirepo.net/enterprise/remi-release-7.rpm $ sudo  rpm -ivh remi-release-7.rpm $ sudo yum -y --enablerepo='remi-php74' --enablerepo='remi'  install php-7.4.29       2. for latest httpd from https://repo.codeit.guru/ $ wget https://repo.codeit.guru/codeit-repo-release.el7.rpm $ sudo rpm -ivh codeit-repo-release.el7.rpm $ sudo yum -y install httpd-2.4.53 3. If error message occurred on httpd-2.4.53 + php 5.4.X (Invalid command php...) modify /etc/httpd/conf.modules.d/00-mpm.conf disable mpm_event with #(sharp) and enable mpm_prefork with unsharp references https://rpms.remirepo.net/ https://repo.codeit.guru/ https://repo.codeit.guru/packages/centos/7/x86_64/  https://repo.ius.io/ https://tw.arip-photo.org/320126-error-start-apache-php-value-MDGNGZ https://www.datadoghq.com/blog/monitoring-apache-web-server-performance/#prefork-mpm #Cyber Security    
閱讀完整內容

Installing VMware workstation pro on Ubuntu 22.X (Jammy Jellyfish)

圖片
 1. Download workstation pro for vmware website https://www.vmware.com/tw/products/workstation-pro/workstation-pro-evaluation.html e.g.  VMware-Workstation-Full-16.2.3-19376536.x86_64.bundle 2. Download modules patch from github https://github.com/mkubecek/vmware-host-modules/releases/tag/w16.2.3-k5.18 tarball https://github.com/mkubecek/vmware-host-modules/archive/refs/tags/w16.2.3-k5.18.tar.gz 3. Execute by sudo $ chmod 755 VMware-Workstation-Full-16.2.3-19376536.x86_64.bundle $ sudo apt-get -y install build-essential $ sudo VMware-Workstation-Full-16.2.3-19376536.x86_64.bundle 4.Execude by account $ vmware 5. patch vmmon and vmnet $ tar zxvf w16.2.3-k5.18.tar.gz  $ cd  vmware-host-modules-w16.2.3-k5.18 $ tar cvf vmnet.tar  vmnet-only && sudo cp vmnet.tar /usr/lib/vmware/modules/source/ $ tar cvf vmmon.tar vmmon-only && sudo cp vmmon.tar /usr/lib/vmware/modules/source/ $ sudo vmware-modconfig --console --install-all                   6. Execute by account Lauch vmware
閱讀完整內容