Install ElasticSearch on centos

Centos install elasticsearch

  1. The preparatory work

      • [] Non-root user logs in to the system
      • [] Install JDK 1.8 environment
      • [] Download the elasticSearch installation package (RPM or tar.gz format)

  2. Start the installation

    • Centos 7 Install JDK 1.8 offline

      • Check whether the open-JDK is installed

        java -vesrsion
Copy the code

        If the information appears, no installation is required

      • The oracle JDK installation starts

        Download the JDK tar.gz package from the Oracle website and run the following command

        Unzip the package in the package directorytar -xvf jdk.. tar.gz# Link Java commands to system commands
sudo vi /etc/profile
Enter the profile file (vim: press G, then press A) and append the following
export JAVA_HOME = ~/jdk..
export PATH=$PATH:$JAVA_HOME/bin 
Copy the code

      • Download and install ElasticSearch

        错 误 1: ** is no in the sudoers file. The solution is as follows:

        # change sudoers to add current user to sudo group
su root
Add write permission to sudoers file
chmod u+w /etc/sudoers
# add user name ALL=(ALL) ALL to root ALL=(ALL) ALL
If using vim, press the following key (

         for enter)        vi /etc/sudoers ? root <br> n yy p cw john ESC :wqCopy the code

        Install the elasticsearch

        Sudo RPM -- install elasticsearch - 6.3.2. RPMCopy the code

        run

        sudo -i service elastisearch start
Copy the code

        test

        curl http://localhost:9200 # if {} appears, it is normal
Copy the code

  3. Description of elasticSearch basic configuration

    All configuration files are in * /etc/elasticSearch *, where each file has the following functions:

    Jvm. options: Java virtual machine configuration file, including the memory occupied by the adjustment program

    Elasticsearch. yml: elasticSearch configuration file. Exposed IP addresses and ports

    Log4j2. properties: log configuration file. Control log output

    role_mapping.yml:

    roles.yml:

    users

    users_roles

    Example Modify the ELASticSearch configuration file and set the external access IP address

    In elasticSearch. yml, set network.host=0.0.0.0 (line 55). Note that there are no Spaces before the line

Install Kibana on Centos

  1. If you download the RPM package:

    Sudo RPM --install kibana-6.3.2-x86_64. RPM sudo -i service kibana start# kibana start 
Copy the code

  2. After decompressing the tar.gz package, run bin/kibana.

    Generally speaking. This step will not report an error after es is successfully installed. If an error occurs, the user is root and needs to switch to a common user. In addition, the Kibana directory requires user permissions. You are advised to perform all operations as common users.

Operation and configuration of Kibana

Install PacketBeat on Centos

  1. The preparatory work

    • [] Libcap installation

      Centos 7 has libcap installed by default. If minimum installation is selected, download the RPM package [^1] and run the RPM installation command.

      Note: You are advised to install centos on the Internet. After downloading the RPM packages, you are advised to run the RPM -qr [package name] command to check the dependencies.

    • [] PacketBeat template installation

      packetbeat setup --template -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["localhost:9200"]'
Copy the code

      Note: Most tutorials need to import JSON data as templates. In fact, after version 6.0, PacketBeat only needs to type the command above to import templates.

    • [] Install packetBeat monitor interface under Kibana

      This step requires that Kibana be started
packetbeat setup --dashboards
Copy the code