How to Install Elasticsearch and Kibana on Ubuntu

This tutorial will guide you on how to install Elasticsearch 8.0 and Kibana on an Ubuntu 22.04 system. This guide will include downloading the official packages from Elasticsearch and then installing and configuring it.
Captain Salem 3 min read

What is Elasticsearch?

Elasticsearch is a highly scalable open-source full-text search and analytics engine. It allows you to store, search, and analyze big volumes of data quickly and in near real-time.

Elasticsearch is generally used as the underlying engine or technology that powers applications that have complex search features and requirements. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents.

What is Kibana?

Kibana is an open-source data visualization and exploration tool used for log and time-series analytics, application monitoring, and operational intelligence use cases.

It offers powerful and easy-to-use features such as histograms, line graphs, pie charts, heat maps, and built-in geospatial support. Also, it provides tight integration with Elasticsearch, a popular analytics and search engine, which makes Kibana the default choice for visualizing data stored in Elasticsearch.

Update System Packages

Start by updating the system packages.

sudo apt update
sudo apt upgrade

Install the Java JDK

The next step is to install the Java JDK on your system. This is a required step for running Elasticsearch and Kibana. You can install any supported JDK. For this tutorial, we will install OpenJDK 11 as shown in the command below:

sudo apt install java-common openjdk-11-jdk

Once the installation is complete, you can verify that Java is installed successfully with the command:

java -version

Output:

openjdk 11.0.19 2023-04-18
OpenJDK Runtime Environment (build 11.0.19+7-post-Ubuntu-0ubuntu123.04)
OpenJDK 64-Bit Server VM (build 11.0.19+7-post-Ubuntu-0ubuntu123.04, mixed mode, sharing)

Install and Configure Elasticsearch

The next step is downloading and installing Elasticsearch from the official repository. We start by importing the PGP key that signs the repository, using the command shown:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

You may need to install the apt-transport-https package on your system.

sudo apt-get install apt-transport-https

Next, save the repository definition to your system:

echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list

Next, update your package lists and install Elasticsearch:

sudo apt-get update && sudo apt-get install elasticsearch

Once you install Elasticsearch, it may perform some initial configuration, such as setting the default password for connecting to the cluster.

Note down this information as necessary.
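The key import above trusts whatever the download returns, so it is worth comparing the keyring's fingerprint with the one Elastic publishes before running the install step. The following is an added example, not part of the original tutorial: the function names and the sample key data are constructed for illustration, and the expected fingerprint must come from Elastic's own documentation.

```bash
#!/usr/bin/env bash
# Added example, not from the original tutorial.
# Compare the primary-key fingerprint in a keyring with one obtained out of band.
# Real input: gpg --show-keys --with-colons /usr/share/keyrings/elasticsearch-keyring.gpg

# Constructed sample of gpg colon output; key IDs and fingerprints are made-up values.
SAMPLE_COLONS='pub:-:2048:1:AAAAAAAAAAAAAAAA:1379000000:::-:::scSC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1379000000::::Example Signing Key <key@example.invalid>:
sub:-:2048:1:BBBBBBBBBBBBBBBB:1379000000::::::e:
fpr:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:'

# Print the fingerprint of each primary key (the fpr record right after a pub record).
primary_fingerprints() {
  awk -F: '$1 == "pub" { want = 1; next }
           $1 == "fpr" && want { print $10; want = 0 }
           $1 == "sub" { want = 0 }'
}

# usage: gpg --show-keys --with-colons KEYRING | verify_keyring "EXPECTED FINGERPRINT"
# Succeeds only if the keyring holds exactly one primary key and it matches.
verify_keyring() {
  expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
  found=$(primary_fingerprints)
  count=$(printf '%s\n' "$found" | awk 'NF { n++ } END { print n + 0 }')
  if [ "$count" -ne 1 ]; then
    echo "REJECT: expected 1 primary key, found $count"
    return 1
  fi
  if [ "$found" != "$expected" ]; then
    echo "REJECT: fingerprint $found does not match"
    return 1
  fi
  echo "OK: $found"
}

# Demo on the constructed sample (spaces in the expected value are ignored).
printf '%s\n' "$SAMPLE_COLONS" |
  verify_keyring "0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567"
```

If the check prints REJECT, delete the keyring file and the repository definition rather than proceeding to the install.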

Basic Elasticsearch Configuration

Before starting the Elasticsearch cluster, let us make some simple configurations. Edit the Elasticsearch configuration file located in /etc/elasticsearch/elasticsearch.yml.

sudo nano /etc/elasticsearch/elasticsearch.yml

Locate the network.host and http.port entries and update them as shown below:

network.host: localhost
http.port: 9200

Save the changes and exit the editor.

Now, we can start and enable Elasticsearch to run on startup:

sudo systemctl start elasticsearch
sudo systemctl enable elasticsearch

To verify that Elasticsearch is running, you can send an HTTP request to port 9200 on localhost with the following curl command:

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200 

The command above will prompt you for the password of the elastic user, which was generated during Elasticsearch setup.

Output:

{
  "name" : "jdq3432we",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "AT69_T_DTp-1qgIJlatQqA",
  "version" : {
    "number" : "8.8.1",
    "build_type" : "tar",
    "build_hash" : "f27399d",
    "build_flavor" : "default",
    "build_date" : "...",
    "build_snapshot" : false,
    "lucene_version" : "9.6.0",
    "minimum_wire_compatibility_version" : "1.2.3",
    "minimum_index_compatibility_version" : "1.2.3"
  },
  "tagline" : "You Know, for Search"
}

Install and Configure Kibana

Now that Elasticsearch is set up, we can install Kibana. It's available in the same repository as Elasticsearch:

sudo apt install kibana

Similar to Elasticsearch, we'll need to make a few changes in the Kibana configuration file located at /etc/kibana/kibana.yml.

sudo nano /etc/kibana/kibana.yml

Locate the following entries and set them as shown below:

server.port: 5601
server.host: "localhost"
# Elasticsearch 8 serves its HTTP API over TLS (see the curl check above), so use https
elasticsearch.hosts: ["https://localhost:9200"]

Save the changes and exit the editor.

Next, start and enable Kibana to run on startup:

sudo systemctl start kibana
sudo systemctl enable kibana

After a few seconds, Kibana should be running and listening on port 5601. You can test it by opening a web browser and visiting: http://localhost:5601
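Both configuration files above bind the services to localhost; once they are running, the listening sockets can be checked to confirm that this took effect. The following is an added example, not part of the original tutorial: the function name and sample socket lines are constructed, and port 9300 (the default Elasticsearch transport port) is included as an assumption since the tutorial does not configure it.

```bash
#!/usr/bin/env bash
# Added example, not from the original tutorial.
# Reads `ss -ltnH` output on stdin and reports Elasticsearch/Kibana ports that
# listen on anything other than loopback. Exit status is 1 if any is found.

WATCHED_PORTS="9200 9300 5601"   # Elasticsearch HTTP, Elasticsearch transport, Kibana

# Constructed sample: Elasticsearch on loopback, Kibana bound to all interfaces.
SAMPLE_SS='LISTEN 0 4096 [::ffff:127.0.0.1]:9200 *:*
LISTEN 0 4096 [::1]:9300 [::]:*
LISTEN 0 511 0.0.0.0:5601 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

audit_listeners() {
  awk -v ports="$WATCHED_PORTS" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
    $1 == "LISTEN" {
      port = $4; sub(/^.*:/, "", port)       # text after the last colon
      addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
      gsub(/\[|\]/, "", addr)                # drop IPv6 brackets
      if (!(port in watch)) next
      # Loopback forms: 127.x.x.x, ::1, and IPv4-mapped ::ffff:127.x.x.x
      if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) next
      printf "EXPOSED %s port %s\n", addr, port
      bad = 1
    }
    END { exit bad + 0 }
  '
}

# Demo on the constructed sample; on a real host run: ss -ltnH | audit_listeners
printf '%s\n' "$SAMPLE_SS" | audit_listeners ||
  echo "-> set network.host / server.host back to localhost and restart the service"
```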

Conclusion

In this tutorial, you learned how to configure Elasticsearch and Kibana on your Ubuntu 22.04 server. Now, you can start publishing logs and other data to Elasticsearch and use Kibana to visualize the data.

Check our upcoming tutorials on Elasticsearch, Kibana, and Logstash to stay up to date with the latest articles.
