Guide How To Install Logstash For Elasticsearch On Linux


Introduction

Elastic has enabled their archive and retrieve service with some handy tools. One of these is called Logstash, and it is a customizable configuration tool. It equips the user with the ability to specifically designate targets and actions within the system for the engine. These, in turn, are preset to be monitored and/or retrieved depending upon the guidelines set by the user. The instructions that follow will walk the reader through the installation of the Logstash unit.

Prerequisites

  • JDK 8 is required (Logstash does not yet officially support JDK 9). Also, be sure to have SSH access to the Linux server via private key, and sudo privileges to install packages.
  • Elasticsearch is reliant upon Java. To see the version currently running, use this command:
    java -version
  • If it is installed properly, the text output in the terminal should look like this:
    java version "1.8.0_65"
    Java(TM) SE Runtime Environment (build 1.8.0_65-b17)
    Java HotSpot(TM) 64-Bit Server VM (build 25.65-b01, mixed mode)
  • If running on a Debian-based Linux (like Ubuntu), the JDK 8 repository can be added and installed using these commands:
    sudo add-apt-repository -y ppa:webupd8team/java
    sudo apt-get update
  • Depending on the Linux system, if Java was installed from a tarball, the JAVA_HOME environment variable has to be exported. This is because Logstash uses Java during installation to automatically detect the environment and correctly install the startup method.

> If Logstash is unable to find JAVA_HOME variable during package installation, the user may get an error message, and Logstash will be unable to start properly…from Elastic – Installing Logstash

Installing Latest Version Using Source Package

  • The user can download the Logstash package that is compatible with the host from the Elastic website.
  • If the user is installing on a Debian-based server or machine (such as Ubuntu), it is suggested to install the apt-transport-https library first.
  • Use sudo to elevate the user as a super user and run apt-get update on the Linux system before installing a package from the APT repository.
  • After the repositories have been updated, the package can be installed:
    sudo apt-get install apt-transport-https
  • To install the latest version of Logstash, use this command to install it from the updated APT repository:
    sudo apt-get install logstash

Installing Older Versions Of Logstash

  • For another version of Logstash, use the wget command to download the chosen release from Elastic’s “Past Releases” page. Keeping the versions on separate pages ensures that the user won’t accidentally upgrade to a new major version and potentially break compatibility.
  • The ELK stack repositories are available in distributions for both APT and YUM.
  • In this article, version 6.0 will be downloaded from its repository page as an example.

Debian-based Distros

  • For Debian systems, make sure to download the .deb package:
    sudo wget https://artifacts.elastic.co/downloads/logstash/logstash-6.6.0.deb
  • When the download finishes, use the dpkg command to install the package. Make sure to be in the directory that contains the package, and run this command using sudo privileges:
    sudo dpkg -i logstash-6.6.0.deb
  • The -i option tells dpkg to install the package.

Red Hat Linux Distros

  • For “Red Hat” distros, like CentOS, the user needs to download the RPM package and install it. This example uses the -ivh options to install the package (-i) with verbose output (-v) and a hash-mark progress bar (-h):
    sudo wget https://artifacts.elastic.co/downloads/logstash/logstash-6.6.0.rpm
    sudo rpm -ivh logstash-6.6.0.rpm
  • Logstash should not be installed in a directory path containing a colon (:) character.
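
The wget downloads above go straight to dpkg or rpm with no integrity check. As an added example (not part of the original guide), this shell function compares a downloaded package with a SHA-512 checksum file before installation; the function names and the location of the checksum file are assumptions.

```shell
#!/bin/sh
# Print the SHA-512 hex digest of a file (sha512sum, or shasum where that is absent).
sha512_of() {
    if command -v sha512sum >/dev/null 2>&1; then
        sha512sum "$1"
    else
        shasum -a 512 "$1"
    fi | awk '{ print $1 }'
}

# verify_sha512 FILE SUMFILE
# SUMFILE holds one "<128 hex digits>  <name>" line. The name is ignored so a
# renamed download still verifies. Returns 0 on match, 1 on mismatch,
# 2 when an input is missing or SUMFILE is not exactly one well-formed entry.
verify_sha512() {
    [ -f "$1" ] && [ -f "$2" ] || return 2
    want=$(awk 'NF { n++; h = tolower($1) } END { if (n == 1) print h }' "$2")
    printf '%s\n' "$want" | grep -Eq '^[0-9a-f]{128}$' || return 2
    have=$(sha512_of "$1")
    [ "$have" = "$want" ]
}

# Usage with the package from this guide (checksum file location is an assumption):
#   verify_sha512 logstash-6.6.0.deb logstash-6.6.0.deb.sha512 \
#       && sudo dpkg -i logstash-6.6.0.deb
```

A checksum fetched from the same server as the package detects corruption and truncated downloads, not a tampered server. Publisher authenticity comes from the signed repository described in the next section.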

Install Using The Elastic Signing Key

  • The Logstash package repositories for different versions are all on the Elastic website. For all 6.x.y releases use the 6.x as the version number…from Elastic – Installing Logstash
  • Elastic signs its packages with the PGP key D88E42B4, Elastic’s Signing Key, which has this fingerprint:
    4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4
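
The fingerprint is only useful if the downloaded key file is checked against it before the key is trusted. As an added example (not from the original guide), these shell functions parse GnuPG's colon-format key listing and accept the file only when it holds exactly one primary key with the fingerprint above; the function names are assumptions and the sample listings are constructed.

```shell
#!/bin/sh
# Fingerprint as printed in this guide; spaces are stripped before comparing.
EXPECTED_FPR="4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4"

# Read `gpg --with-colons` output on stdin and print the fingerprint of each
# primary key: the first "fpr" record after a "pub" record (field 10).
primary_fingerprints() {
    awk -F: '
        $1 == "pub" { want = 1; next }
        $1 == "sub" { want = 0; next }
        want && $1 == "fpr" { print toupper($10); want = 0 }
    '
}

# Succeed only if stdin lists exactly one primary key whose fingerprint
# equals $1. A file that bundles an extra key is rejected.
key_matches() {
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(primary_fingerprints)
    count=$(printf '%s\n' "$found" | awk 'NF { n++ } END { print n + 0 }')
    [ "$count" -eq 1 ] && [ "$found" = "$expected" ]
}

# Constructed listing: only the fingerprint comes from the guide, every
# other field is a placeholder.
sample_listing() {
    printf '%s\n' \
        'pub:-:2048:1:D27D666CD88E42B4:0:::-:::scSC:' \
        'fpr:::::::::46095ACC8548582C1A2699A9D27D666CD88E42B4:' \
        'sub:-:2048:1:0000000000000000:0::::::e:' \
        'fpr:::::::::0000000000000000000000000000000000000000:'
}

# Same listing with a second, unexpected primary key appended (constructed).
sample_with_extra_key() {
    sample_listing
    printf '%s\n' \
        'pub:-:2048:1:AAAAAAAAAAAAAAAA:0:::-:::scSC:' \
        'fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:'
}

# Against a real download (not run here):
#   gpg --with-colons --import-options show-only --import GPG-KEY-elasticsearch \
#       | key_matches "$EXPECTED_FPR" && sudo rpm --import GPG-KEY-elasticsearch
```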

Install With YUM

  • Download and install the public signing key:
    rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  • Add the following to a file with a .repo suffix in the /etc/yum.repos.d/ directory, for example `logstash.repo`:
    [logstash-6.x]
    name=Elastic repository for 6.x packages
    baseurl=https://artifacts.elastic.co/packages/6.x/yum
    gpgcheck=1
    gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
    enabled=1
    autorefresh=1
    type=rpm-md
  • The repository is now ready to use. Logstash can be installed with:
    sudo yum install logstash
  • To configure Logstash, the user will need to modify the logstash.conf configuration file. Learn the procedure at the Elastic website.
  • There are several Logstash installations possible on the Linux platform. However, care must be taken with the processes, and it is important to always refer to installation documentation for proper guidance.

Conclusion:

The process outlined above is an excellent start to utilizing the tools from Elastic more dynamically on a Linux system. The Logstash tool will help its user to exercise greater control over the functions of the platform. The Elastic Stack, known as the ELK, has more programs that add even further performance enhancements, tweaks, and options. They are all designed to work as a complete harmonious network to archive, search, and manage databases in a more efficient manner. Please, see some of the other guides for more instructions on How-To add other programs compatible with the ones mentioned here.
