{"id":112,"date":"2018-07-10T06:41:18","date_gmt":"2018-07-10T01:11:18","guid":{"rendered":"http:\/\/nerdapplabs.com\/blog-01\/?p=112"},"modified":"2018-07-11T00:44:09","modified_gmt":"2018-07-10T19:14:09","slug":"how-to-setup-elk-on-top-of-a-vm-with-latest-ubuntu-lts-18-04","status":"publish","type":"post","link":"https:\/\/nerdapplabs.com\/blog\/how-to-setup-elk-on-top-of-a-vm-with-latest-ubuntu-lts-18-04\/","title":{"rendered":"How to set up the ELK stack on the latest Ubuntu LTS 18.04"},"content":{"rendered":"<p>The ELK Stack is a collection of three open-source products \u2014 <a href=\"https:\/\/logz.io\/tag\/elasticsearch\/\">Elasticsearch<\/a>, <a href=\"https:\/\/logz.io\/tag\/logstash\/\">Logstash<\/a>, and <a href=\"https:\/\/logz.io\/tag\/kibana\/\">Kibana<\/a> \u2014 all developed, managed and maintained by <a href=\"https:\/\/www.elastic.co\">Elastic<\/a>.<br \/>\n&nbsp;<br \/>\n<u><strong>Elasticsearch<\/strong><\/u> &#8211; Elasticsearch is a NoSQL database that is based on the Lucene search engine.
It is used for indexing and storage. Elasticsearch is a distributed, RESTful search and analytics engine that centrally stores your data.<br \/>\n&nbsp;<br \/>\n<u><strong>Logstash<\/strong><\/u> &#8211; Logstash is a log pipeline tool that accepts inputs from various sources, executes different transformations, and exports the data to various targets. It is used for data aggregation and processing.<br \/>\n&nbsp;<br \/>\n<u><strong>Kibana<\/strong><\/u> &#8211; Kibana is a visualization layer that works on top of Elasticsearch.<br \/>\nIt is a browser-based user interface (UI) used to search, analyze and visualise the data stored in Elasticsearch indices.<br \/>\n&nbsp;<\/p>\n<h3><b>Here are the steps to install ELK on Ubuntu LTS 18.04<\/b><\/h3>\n<p>&nbsp;<\/p>\n<h4>Step 1: Install Ubuntu 18.04 LTS (you can create a VM using VirtualBox)<\/h4>\n<p>&nbsp;<\/p>\n<h4>Step 2: Install Java<\/h4>\n<p>&nbsp;<\/p>\n<ul>\n<li><b>The first thing to do is check what Java version you are running.<\/b><\/li>\n<\/ul>\n<p><em><code>java -version<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>To install Java 8, update your system:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo apt-get update<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>Install Java with:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo apt-get install default-jre<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>Checking your Java version now should give you the following output or similar:<\/b><\/li>\n<\/ul>\n<p><em>openjdk version &#8220;1.8.0_151&#8221;<\/em><\/p>\n<p><em>OpenJDK Runtime Environment (build 1.8.0_151-8u151-b12-0ubuntu0.16.04.2-b12)<\/em><\/p>\n<p><em>OpenJDK 64-Bit Server VM (build 25.151-b12, mixed mode)<\/em><br \/>\n&nbsp;<\/p>\n<h4>Step 3: Installing Elasticsearch<\/h4>\n<p>&nbsp;<\/p>\n<ul>\n<li><b>Add the Elasticsearch signing key to apt's trusted keys:<\/b><\/li>\n<\/ul>\n<p><em><code>wget -qO - https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch | sudo apt-key add -<\/code><\/em><br \/>\n&nbsp;<br \/>\n<b>For Debian, you 
then need to install the apt-transport-https package:<\/b><br \/>\n<em><code>sudo apt-get install apt-transport-https<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>The next step is to add the repository definition to your system:<\/b><\/li>\n<\/ul>\n<p><em><code>echo \"deb https:\/\/artifacts.elastic.co\/packages\/6.x\/apt stable main\" | sudo tee -a \/etc\/apt\/sources.list.d\/elastic-6.x.list<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>Update your repositories and install Elasticsearch:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo apt-get update<\/code><\/em><\/p>\n<p><em><code>sudo apt-get install elasticsearch<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>To run Elasticsearch, use:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo service elasticsearch start<\/code><\/em><br \/>\n&nbsp;<br \/>\n<b>To confirm that everything is working as expected, point curl or your browser to<\/b> <a href=\"http:\/\/localhost:9200\"><b>http:\/\/localhost:9200<\/b><\/a><b>, and you should see something like the following output:<\/b><br \/>\n&nbsp;<br \/>\n<mark style=\"background-color: light-yellow;\"><em>{<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;name&#8221; : &#8220;ji0rjvq&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;cluster_name&#8221; : &#8220;elasticsearch&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;cluster_uuid&#8221; : &#8220;pzqZdF6gQL2VbYANwQs6bQ&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;version&#8221; : {<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;number&#8221; : &#8220;6.3.0&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;build_hash&#8221; : &#8220;424e937&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;build_date&#8221; : &#8220;2018-07-11T23:38:03.357887ZZ&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;build_snapshot&#8221; : false,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;lucene_version&#8221; : &#8220;7.3.1&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;minimum_wire_compatibility_version&#8221; : &#8220;5.6.0&#8221;,<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;minimum_index_compatibility_version&#8221; : &#8220;5.0.0&#8221;<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>},<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>&#8220;tagline&#8221; : &#8220;You Know, for Search&#8221;<\/em><\/mark><\/p>\n<p><mark style=\"background-color: light-yellow;\"><em>}<\/em><\/mark><\/p>\n<p>&nbsp;<\/p>\n<h4>Step 4: Installing Logstash<\/h4>\n<p>&nbsp;<\/p>\n<ul>\n<li><b>To install Logstash, run:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo apt-get install logstash<\/code><\/em><br \/>\n&nbsp;<\/p>\n<h4>Step 5: Installing Kibana<\/h4>\n<p>&nbsp;<\/p>\n<ul>\n<li><b>To install Kibana, run:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo apt-get install kibana<\/code><\/em><br \/>\n&nbsp;<\/p>\n<ul>\n<li><b>Open up the Kibana configuration file at <i>\/etc\/kibana\/kibana.yml<\/i>, and make sure you have the following configurations defined:<\/b><\/li>\n<\/ul>\n<p><em>server.port: 5601<\/em><br \/>\n<em>elasticsearch.url: &quot;<a href=\"http:\/\/localhost:9200\">http:\/\/localhost:9200<\/a>&quot;<\/em><\/p>\n<ul>\n<li><b>These specific configurations tell Kibana which Elasticsearch instance to connect to and which port to use. Then start Kibana:<\/b><\/li>\n<\/ul>\n<p><em><code>sudo service kibana start<\/code><\/em><br \/>\n&nbsp;<br \/>\n<b>Open up Kibana in your browser with:<\/b> <a href=\"http:\/\/localhost:5601\"><b>http:\/\/localhost:5601<\/b><\/a><b>. 
You will be presented with the Kibana home page.<\/b><br \/>\n&nbsp;<\/p>\n<h3>Troubleshooting:<\/h3>\n<p>&nbsp;<br \/>\nWhile installing Logstash, you may see the following errors:<\/p>\n<ul>\n<li><b>\u201cunrecognised VM option \u2018UseParNewGC\u2019 error &#8211; could not create JVM\u201d<\/b> &#8211; Check your Java version; if you are running Java 10 and see this error, use Java 8 instead of 10.<\/li>\n<li><b>\u201cCannot allocate memory\u201d<\/b> &#8211; See <a href=\"https:\/\/discuss.elastic.co\/t\/solved-logstash-cant-start-up-not-enough-memory\/51372\">https:\/\/discuss.elastic.co\/t\/solved-logstash-cant-start-up-not-enough-memory\/51372<\/a> and make the changes in the Logstash jvm.options file.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong><em>Share and leave a comment if you liked it or found it useful!<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The ELK Stack is a collection of three open-source products \u2014 Elasticsearch, Logstash, and Kibana \u2014 all developed, managed and maintained by Elastic. 
&nbsp; Elasticsearch &#8211; Elasticsearch is a NoSQL<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,3],"tags":[],"class_list":["post-112","post","type-post","status-publish","format-standard","hentry","category-elasticsearch","category-elk"],"_links":{"self":[{"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/posts\/112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/comments?post=112"}],"version-history":[{"count":32,"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/posts\/112\/revisions"}],"predecessor-version":[{"id":243,"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/posts\/112\/revisions\/243"}],"wp:attachment":[{"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/media?parent=112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/categories?post=112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nerdapplabs.com\/blog\/wp-json\/wp\/v2\/tags?post=112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}