In this article, we will learn how to install the Elastic Stack on Ubuntu 24.04 LTS. The ELK Stack consists of Elasticsearch, Logstash, and Kibana, with Filebeat often used to ship logs to Logstash. This powerful combination is essential for centralized logging, data visualization, and real-time analysis. We will guide you through the installation and configuration of each component of the ELK stack and verify their setup.
Table of Contents
Prerequisites
- AWS Account with Ubuntu 24.04 LTS EC2 Instance.
- At least 2 CPU cores and 4 GB of RAM for smooth performance.
Step #1:Install Java for Elastic Stack on Ubuntu 24.04 LTS
Start by updating your system’s package index.
sudo apt update
![How to Install Elastic Stack on Ubuntu 24.04 LTS 1](https://www.fosstechnix.com/wp-content/uploads/2024/06/1-8.png)
Install the apt-transport-https package to access repository over HTTPS.
sudo apt install apt-transport-https
![How to Install Elastic Stack on Ubuntu 24.04 LTS 2](https://www.fosstechnix.com/wp-content/uploads/2024/06/2-8-1024x478.png)
Elastic Stack components require Java. We will install OpenJDK 11, which is a widely used open-source implementation of the Java Platform.
sudo apt install openjdk-11-jdk -y
![How to Install Elastic Stack on Ubuntu 24.04 LTS 3](https://www.fosstechnix.com/wp-content/uploads/2024/06/3-8.png)
After installation, verify that Java is correctly installed by checking its version.
java -version
![How to Install Elastic Stack on Ubuntu 24.04 LTS 4](https://www.fosstechnix.com/wp-content/uploads/2024/06/4-8.png)
To ensure stack components can locate Java, we need to set the JAVA_HOME
environment variable. Open the environment file.
sudo nano /etc/environment
![How to Install Elastic Stack on Ubuntu 24.04 LTS 5](https://www.fosstechnix.com/wp-content/uploads/2024/06/5-7.png)
Add the following line at the end of the file.
JAVA_HOME="/usr/lib/jvm/java-11-openjdk-amd64"
Apply the changes by reloading the environment.
source /etc/environment
![How to Install Elastic Stack on Ubuntu 24.04 LTS 6](https://www.fosstechnix.com/wp-content/uploads/2024/06/6-7.png)
Verify that JAVA_HOME
is set correctly.
echo $JAVA_HOME
![How to Install Elastic Stack on Ubuntu 24.04 LTS 7](https://www.fosstechnix.com/wp-content/uploads/2024/06/7-5.png)
Step #2:Install ElasticSearch on Ubuntu 24.04 LTS
Elasticsearch is the core component of the ELK Stack, used for search and analytics. We need to import the public signing key and add the Elasticsearch APT repository to your system.
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
![How to Install Elastic Stack on Ubuntu 24.04 LTS 8](https://www.fosstechnix.com/wp-content/uploads/2024/06/8-5-1024x14.png)
Add the repository definition.
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
![How to Install Elastic Stack on Ubuntu 24.04 LTS 9](https://www.fosstechnix.com/wp-content/uploads/2024/06/9-4-1024x40.png)
Update the package lists again to include the new Elasticsearch repository.
sudo apt-get update
![How to Install Elastic Stack on Ubuntu 24.04 LTS 10](https://www.fosstechnix.com/wp-content/uploads/2024/06/10-4.png)
Install Elasticsearch.
sudo apt-get install elasticsearch
![How to Install Elastic Stack on Ubuntu 24.04 LTS 11](https://www.fosstechnix.com/wp-content/uploads/2024/06/11-4.png)
Start Elasticsearch and configure it to run at system startup.
sudo systemctl start elasticsearch
sudo systemctl enable elasticsearch
![How to Install Elastic Stack on Ubuntu 24.04 LTS 12](https://www.fosstechnix.com/wp-content/uploads/2024/06/12-4-1024x48.png)
Verify that Elasticsearch is running.
sudo systemctl status elasticsearch
You should see output indicating that the service is active and running.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 13](https://www.fosstechnix.com/wp-content/uploads/2024/06/13-4-1024x231.png)
Step #3:Configure Elasticsearch on Ubuntu 24.04 LTS
To allow external access to Elasticsearch, modify the configuration file.
sudo nano /etc/elasticsearch/elasticsearch.yml
![How to Install Elastic Stack on Ubuntu 24.04 LTS 14](https://www.fosstechnix.com/wp-content/uploads/2024/06/14-4.png)
Find the network.host
setting, uncomment it, and set it to 0.0.0.0
to bind to all available IP addresses and uncomment the discovery
section to specify the initial nodes for cluster formation discovery.seed_hosts: []
![How to Install Elastic Stack on Ubuntu 24.04 LTS 15](https://www.fosstechnix.com/wp-content/uploads/2024/06/35-1.png)
For a basic setup (not recommended for production), disable security features.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 16](https://www.fosstechnix.com/wp-content/uploads/2024/06/36-2.png)
Restart Elasticsearch to apply the changes.
sudo systemctl restart elasticsearch
![How to Install Elastic Stack on Ubuntu 24.04 LTS 17](https://www.fosstechnix.com/wp-content/uploads/2024/06/15-4.png)
To confirm that Elasticsearch is set up correctly, send a test HTTP request using curl
.
curl -X GET "localhost:9200"
You should see a JSON response.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 18](https://www.fosstechnix.com/wp-content/uploads/2024/06/16-4.png)
You can access it using browser with your Public IP address:9200 port which is a default port for Elasticksearch.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 19](https://www.fosstechnix.com/wp-content/uploads/2024/06/17-2.png)
Step #4:Install Logstash on Ubuntu 24.04 LTS
Logstash is used to process and forward log data to Elasticsearch. Install Logstash using following command.
sudo apt-get install logstash -y
![How to Install Elastic Stack on Ubuntu 24.04 LTS 20](https://www.fosstechnix.com/wp-content/uploads/2024/06/18-1.png)
Start and enable Logstash.
sudo systemctl start logstash
sudo systemctl enable logstash
![How to Install Elastic Stack on Ubuntu 24.04 LTS 21](https://www.fosstechnix.com/wp-content/uploads/2024/06/19-1-1024x49.png)
Verify the service status.
sudo systemctl status logstash
![How to Install Elastic Stack on Ubuntu 24.04 LTS 22](https://www.fosstechnix.com/wp-content/uploads/2024/06/20-1-1024x166.png)
Step #5:Install Kibana on Ubuntu 24.04 LTS
Kibana provides a web interface for visualizing data from Elasticsearch. Install Kibana using following command.
sudo apt-get install kibana
![How to Install Elastic Stack on Ubuntu 24.04 LTS 23](https://www.fosstechnix.com/wp-content/uploads/2024/06/21.png)
Start and enable the Kibana service.
sudo systemctl start kibana
sudo systemctl enable kibana
![How to Install Elastic Stack on Ubuntu 24.04 LTS 24](https://www.fosstechnix.com/wp-content/uploads/2024/06/22-1-1024x54.png)
Check the status of Kibana:
sudo systemctl status kibana
![How to Install Elastic Stack on Ubuntu 24.04 LTS 25](https://www.fosstechnix.com/wp-content/uploads/2024/06/23-1-1024x231.png)
Step #6:Configure Kibana on Ubuntu 24.04 LTS
To configure Kibana for external access, edit the configuration file.
sudo nano /etc/kibana/kibana.yml
![How to Install Elastic Stack on Ubuntu 24.04 LTS 26](https://www.fosstechnix.com/wp-content/uploads/2024/06/24-1.png)
Uncomment and adjust the following lines to bind Kibana to all IP addresses and connect it to Elasticsearch.
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://localhost:9200"]
![How to Install Elastic Stack on Ubuntu 24.04 LTS 27](https://www.fosstechnix.com/wp-content/uploads/2024/06/37-1.png)
Restart Kibana to apply the changes.
sudo systemctl restart kibana
![How to Install Elastic Stack on Ubuntu 24.04 LTS 28](https://www.fosstechnix.com/wp-content/uploads/2024/06/25-1.png)
Access the Kibana interface by navigating to http://<your-server-ip>:5601
in your web browser. This will open the Kibana dashboard where you can start exploring your data.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 29](https://www.fosstechnix.com/wp-content/uploads/2024/06/33-1-1024x516.png)
You can start by adding integrations
or Explore on my own
.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 30](https://www.fosstechnix.com/wp-content/uploads/2024/06/34-1024x489.png)
Step #7:Install Filebeat on Ubuntu 24.04 LTS
Filebeat is a lightweight shipper used to forward and centralize log data. Install Filebeat using following command.
sudo apt-get install filebeat
![How to Install Elastic Stack on Ubuntu 24.04 LTS 31](https://www.fosstechnix.com/wp-content/uploads/2024/06/26-3.png)
Open the Filebeat configuration file to send logs to Logstash.
sudo nano /etc/filebeat/filebeat.yml
![How to Install Elastic Stack on Ubuntu 24.04 LTS 32](https://www.fosstechnix.com/wp-content/uploads/2024/06/27-1.png)
Comment out the Elasticsearch output section.
# output.elasticsearch:
# hosts: ["localhost:9200"]
Uncomment and configure the Logstash output section.
output.logstash:
hosts: ["localhost:5044"]
![How to Install Elastic Stack on Ubuntu 24.04 LTS 33](https://www.fosstechnix.com/wp-content/uploads/2024/06/38-2.png)
Enable the system module, which collects log data from the local system.
sudo filebeat modules enable system
![How to Install Elastic Stack on Ubuntu 24.04 LTS 34](https://www.fosstechnix.com/wp-content/uploads/2024/06/28-1.png)
Set up Filebeat to load the index template into Elasticsearch.
sudo filebeat setup --index-management -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["0.0.0.0:9200"]'
![How to Install Elastic Stack on Ubuntu 24.04 LTS 35](https://www.fosstechnix.com/wp-content/uploads/2024/06/29-1-1024x41.png)
Start and enable the Filebeat service.
sudo systemctl start filebeat
sudo systemctl enable filebeat
![How to Install Elastic Stack on Ubuntu 24.04 LTS 36](https://www.fosstechnix.com/wp-content/uploads/2024/06/30-1-1024x85.png)
Ensure Elasticsearch is receiving data from Filebeat by checking the indices.
curl -XGET "localhost:9200/_cat/indices?v"
You should see output indicating the presence of indices created by Filebeat.
![How to Install Elastic Stack on Ubuntu 24.04 LTS 37](https://www.fosstechnix.com/wp-content/uploads/2024/06/31-1-1024x420.png)
You can access it using browser using http://<your-server-ip>:9200/_cat/indices?v
![How to Install Elastic Stack on Ubuntu 24.04 LTS 38](https://www.fosstechnix.com/wp-content/uploads/2024/06/ELK-stack-1024x215.png)
Conclusion:
In conclusion, we have successfully installed and configured the Elastic Stack on Ubuntu 24.04 LTS. This included setting up Elasticsearch for search and analytics, Logstash for data processing, Kibana for data visualization, and Filebeat for log shipping. The Elastic Stack provides a robust solution for centralized logging and data analysis, making it invaluable for monitoring and analyzing system performance and application logs.
Related Articles:
Python Script to Parse Nginx Log Files
Reference: