Guide How To Install Logstash For Elasticsearch On Linux
Elastic has enabled their archive and retrieve service with some handy tools. One of these is called Logstash, and it is a customizable configuration tool. It equips the user with the ability to specifically designate targets and actions within the system for the engine. These, in turn, are preset to be monitored and/or retrieved depending upon the guidelines set by the user. The instructions that follow will walk the reader through the installation of the Logstash unit.
- JDK 8 is required (Logstash does not yet officially support JDK 9). Also, be sure to have SSH access to the Linux server via private key and `sudo` privileges to install packages.
- Elasticsearch is reliant upon Java. To see the version currently running, use this command:
- If they are installed properly, text output in the terminal should look like this:
Java(TM) SE Runtime Environment (build 1.8.0_65-b17)
Java HotSpot(TM) 64-Bit Server VM (build 25.65-b01, mixed mode)
- Older versions of the Elastic Stack may require JDK 7, and only version 6.2 of ES has official support for JDK 9. The Java dependencies can be downloaded from Oracle’s website. For more information, the user can consult the Oracle Installation Guide.
- If running on a Debian-based Linux (like Ubuntu), the JDK 8 repository can be added and installed using these commands:
sudo apt-get update
- Depending on the Linux system, if Java was installed from a tarball, the `JAVA_HOME` environment variable has to be exported. This is because Logstash uses Java during the installation to automatically detect the environment and correctly install the startup method.
> If Logstash is unable to find JAVA_HOME variable during package installation, the user may get an error message, and Logstash will be unable to start properly… (from Elastic – Installing Logstash)
Installing Latest Version Using Source Package
- The user can download the Logstash package that is compatible with the host from the Elastic website.
- If the user is installing on a Debian-based server or machine (such as Ubuntu), it is suggested to install the `sudo` to elevate the user as a super user and run `apt-get update` on the Linux system before installing a package from the
- After the repositories have been updated, the package can be installed:
- To install the latest version of Logstash, use this command to install it from the updated
Installing Older Versions Of Logstash
- For another version of Logstash, use the `wget` command to download the chosen release from Elastic’s “Past Releases” page. Keeping the versions on separate pages ensures that the user won’t accidentally upgrade to major versions and potentially break compatibility.
- Make sure that the version of Elasticsearch is still supported and compatible with the version of Logstash being installed.
- The ELK stack repositories are available in distributions for both APT and YUM.
- In this article, version 6.0 will be downloaded from its repository page as an example.
- For Debian systems make sure to download the
- When the download finishes, use the `dpkg` command for installing the package. Make sure to be in the same package directory, and run this command using
- Use the `-i` option to make the Debian installer interactive.
Red Hat Linux Distros
- For “Red Hat” distros, like CentOS, the user needs to download the `RPM` package and install it. This example uses the `-ivh` options to make the installation verbose and interactive:
sudo rpm -ivh logstash-6.6.0.rpm
- Logstash should not be installed in a directory path containing a colon (:) character.
Install Using The Elastic Signing Key
- The Logstash package repositories for different versions are all on the Elastic website. For all 6.x.y releases, use 6.x as the version number… (from Elastic – Installing Logstash)
- Elastic signs its packages with a PGP key, Elastic’s Signing Key, identified by the fingerprint D88E42B4.
Install With YUM
- Download and install the public signing key:
- Add the following to a file with the `.repo` suffix in the /etc/yum.repos.d/ directory. For example:
name=Elastic repository for 6.x packages
- Now the repository can be used. It can be installed with:
- To configure Logstash, the user will need to modify the `logstash.conf` configuration file. Learn the procedure at the Elastic website.
- There are several Logstash installations possible on the Linux platform. However, care must be taken with the processes, and it is important to always refer to installation documentation for proper guidance.
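
The YUM repository step above only protects the install if signature checking is switched on in the `.repo` file. As an added example (not from the original guide or from Elastic), this shell function audits a `.repo` file for that; the stanza contents and the `repo.example.invalid` host are constructed placeholders, and the check assumes `baseurl=` stanzas.

```shell
#!/bin/sh
# Added example: audit a yum .repo file for signature enforcement.
# Assumes stanzas use baseurl= (not mirrorlist=), as in the step above.

# audit_repo FILE: print one finding per line; exit status 1 if any finding.
audit_repo() {
  awk '
    function check() {
      if (section == "") return
      if (opt["gpgcheck"] != "1") { print section ": gpgcheck is not 1"; bad = 1 }
      if (opt["gpgkey"] !~ /^(https|file):\/\//) { print section ": gpgkey missing or not https/file"; bad = 1 }
      if (opt["baseurl"] !~ /^https:\/\//) { print section ": baseurl is not https"; bad = 1 }
      split("", opt)                         # reset options for the next stanza
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }     # skip comments and blank lines
    /^\[/ { check(); section = substr($0, 2, index($0, "]") - 2); next }
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
      opt[key] = val
    }
    END { check(); exit bad + 0 }
  ' "$1"
}

# Constructed sample files; the hosts are placeholders, not real repository URLs.
samples=$(mktemp -d)
cat > "$samples/good.repo" <<'EOF'
[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=https://repo.example.invalid/packages/6.x/yum
gpgcheck=1
gpgkey=https://repo.example.invalid/GPG-KEY
enabled=1
EOF
cat > "$samples/weak.repo" <<'EOF'
[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=http://repo.example.invalid/packages/6.x/yum
gpgcheck=0
enabled=1
EOF

audit_repo "$samples/good.repo" && echo "good.repo: signature checks enforced"
audit_repo "$samples/weak.repo" || echo "weak.repo: fix the findings above before installing"
```

Run it against the file created in /etc/yum.repos.d/ before installing the package; a non-zero exit status means at least one stanza would accept unsigned packages or fetch metadata over plain HTTP.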
The process outlined above is an excellent start to utilizing the tools from Elastic more dynamically on a Linux system. The Logstash tool will help its user to exercise greater control over the functions of the platform. The Elastic Stack, known as the ELK, has more programs that add even further performance enhancements, tweaks, and options. They are all designed to work together as a complete, harmonious network to archive, search, and manage databases in a more efficient manner. Please see some of the other guides for more instructions on how to add other programs compatible with the ones mentioned here.