Installation on Linux

On Linux-based systems, it is recommended to install the Logstash and Elasticsearch packages using the distribution's package manager. As a result, some of the prepared content of the service.monitor Analytics store is not needed for Linux setups.

Elasticsearch

To install Elasticsearch, follow the instructions provided on Installation.

There are some additional steps you may follow to get your cluster fully operational. However, please read the installation documents from Elasticsearch.

An elasticsearch.yml configuration file may contain the following additional settings:

# enabling security is recommended and desired
xpack.security.enabled: true
# this also includes TLS for transport (node-to-node) communication
xpack.security.transport.ssl.enabled: true
# you may define your own elasticsearch cluster name
cluster.name: <company>-operations
# each node participating in the cluster may receive an individual node name
node.name: analytics-node-01
# define the network binding of elasticsearch; it defaults to localhost,
# which is not sufficient if you distribute components across different nodes
# example here: there is a DNS entry available
network.host: "elastic.ops.company-vnet.de"
# some settings are quite specific to the number of nodes participating in your elasticsearch cluster
# please verify with the elastic docs
discovery.seed_hosts: ["elastic.ops.company-vnet.de"]
# because node.name is set explicitly above, list that node name here
cluster.initial_master_nodes: ["analytics-node-01"]

Enabling Transport Layer Security (TLS) in the Elastic Stack and auto-generating passwords for the built-in accounts

Running Elasticsearch in production mode requires Transport Layer Security to be enabled. Elastic comes with some scripts which help to set up this mode.

# generate new certificate authority
/usr/share/elasticsearch/bin/elasticsearch-certutil ca
# generates X.509 certificates and private keys
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
# auto-create passwords for the built-in user accounts (requires xpack.security.enabled: true)
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto
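
The check below is an added example, not part of the original documentation or of Elasticsearch: a pre-start lint for the security-relevant keys of an elasticsearch.yml like the one above. It assumes flat dotted keys, one per line, and that the PKCS#12 file produced by elasticsearch-certutil is referenced through xpack.security.transport.ssl.keystore.path; the function names and the sample host names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-start lint for the security-relevant keys in elasticsearch.yml.
# Assumes flat dotted keys, one per line, as in the configuration shown above.

# yml_get FILE KEY: print KEY's value with comment, padding and quotes removed
yml_get() {
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*$key[[:space:]]*:[[:space:]]*//p" "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' |
        tail -n 1
}

# check_es_config FILE: print one FAIL line per finding, return 1 if any
check_es_config() {
    f=$1; rc=0
    [ "$(yml_get "$f" xpack.security.enabled)" = "true" ] ||
        { echo "FAIL: xpack.security.enabled is not true"; rc=1; }
    [ "$(yml_get "$f" xpack.security.transport.ssl.enabled)" = "true" ] ||
        { echo "FAIL: xpack.security.transport.ssl.enabled is not true"; rc=1; }
    # Assumption: the PKCS#12 file from elasticsearch-certutil is the keystore
    [ -n "$(yml_get "$f" xpack.security.transport.ssl.keystore.path)" ] ||
        { echo "FAIL: xpack.security.transport.ssl.keystore.path is not set"; rc=1; }
    # With an explicit node.name, cluster.initial_master_nodes must list that name
    name=$(yml_get "$f" node.name)
    masters=$(yml_get "$f" cluster.initial_master_nodes)
    if [ -n "$name" ] && [ -n "$masters" ]; then
        printf '%s\n' "$masters" | tr -d '[]" ' | tr ',' '\n' | grep -qxF -- "$name" ||
            { echo "FAIL: node.name '$name' is not in cluster.initial_master_nodes"; rc=1; }
    fi
    return "$rc"
}

# Constructed sample input: hypothetical node with two gaps
sample=$(mktemp)
cat > "$sample" <<'EOF'
xpack.security.enabled: true   # enabled as recommended
xpack.security.transport.ssl.enabled: true
cluster.name: example-operations
node.name: analytics-node-01
network.host: "elastic.example.internal"
discovery.seed_hosts: ["elastic.example.internal"]
cluster.initial_master_nodes: ["elastic.example.internal"]
EOF
check_es_config "$sample" || echo "configuration needs attention before start"
```
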

Logstash

To install Logstash, follow the instructions.