With the Elasticsearch cluster up and running, we can now go ahead and install Logstash and Kibana.
The repository that was used in the previous steps is the same for the remaining components. So, the same process that was used before to add the repository should be applied to the Logstash and Kibana node.
This is a summary, the same process has been explored before:
- Add the repository to /etc/yum.repos.d/elastic.repo
- Update the yum cache to sudo yum makecache
- Install Logstash and Kibana using sudo yum install logstash kibana
- Initialize the disk for /var/lib/logstash and sudo parted /dev/sdX mklabel gpt
- Create the sudo parted /dev/sdX mkpart xfs 0GB 32GB partition (note that this is a 32 GB disk)
- Create the sudo mkfs.xfs /dev/sdX1 filesystem
- Update fstab
- Update the sudo chown logstash: /var/lib/logstash directory permissions
The Logstash systemd unit is not added by default; to do so, run the script provided by Logstash:
sudo /usr/share/logstash/bin/system-install
Finally, one specific component that is required is a coordinating Elasticsearch node. This will serve as a load balancer for the Elasticsearch cluster that is used by Kibana to install Elasticsearch:
sudo yum install elasticsearch
More information on the coordinating node configuration is provided in the Configuring Kibana section.