How to install Elasticsearch on Ubuntu Server 18.04

If you're looking for a powerful search engine that can display data via a user-friendly web-based dashboard, Elasticsearch is what you want.

Eleasticsearch is a powerful search engine, based on the Lucene library, that provides a distributed, multitenant-capable, full-text search engine. With an HTTP web interface and schema-free JSON documents, Elasticsearch might well be ideal solution for the visualization of your company data.

Data Center Must-Reads

I'm going to walk you through the process of installing Elasticsearch on Ubuntu 18.04.

SEE: Securing Linux policy (Tech Pro Research)

What you need

All you will need is a running instance of Ubuntu Server 18.04 and a user account with sudo privileges.

Update/upgrade

The first thing to do is update and upgrade your server. Do note that, should the kernel be updated in the process, a restart of the server will be required. Because of this, run the update/upgrade process during a time when an update is possible.

To run the update/upgrade process, log into your Ubuntu server and issue the following command:

sudo apt-update
sudo apt-get upgrade -y

Install dependencies

Elasticsearch depends on Java. Issue the follow commands to install the dependency:

sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer -y

Install and configure Elasticsearch

To install Elasticsearch, issue the following commands:

cd /tmp
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.2.deb
sudo dpkg -i elasticsearch-6.3.2.deb

Open the Elasticsearch configuration file with the command:

sudo nano /etc/elasticsearch/elasticsearch.yml

Locate the line:

# network.host: 192.168.0.1

Remove the comment (the # character) and change the IP Address to that of your hosting server. Save and close that file.

Finally, start and enable the service with the command:

sudo systemctl enable elasticsearch.service
sudo systemctl start elasticsearch.service

Point a web browser to http://SERVER_IP:9200/_cat/health?v (where SERVER_IP is the IP address of your hosting server). You should see similar output as that shown in Figure A.

Figure A

Install and configure Kibana

Now we're going to install the Kibana Dashboard, which can display the results of Elasticsearch. This is done with the following steps:

cd /tmp
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.3.2-amd64.deb
sudo dpkg -i kibana-6.3.2-amd64.deb

Configure Kibana by opening the configuration file with the command:

sudo nano /etc/kibana/kibana.yml

Locate the following lines:

#server.host: "localhost"
#elasticsearch.url: "http://localhost:9200"

Change those lines to:

server.host: "SERVER_IP"
elasticsearch.url: "http://SERVER_IP:9200"

where SERVER_IP is the IP address of your hosting server.

Save and close that file.

Finally, issue the following command:

sudo sysctl -w vm.max_map_count=262144

Reboot the server. Once the server reboots, start and enable the Kibana service with the commands:

sudo systemctl enable kibana.service
sudo systemctl start kibana.service

Open the dashboard

You can now point your browser to http://SERVER_IP:5601 to view the Kibana Dashboard (Figure B).

Figure B

There's one final step to take.

Install and configure Logstash

We now need the means to add data into Elasticsearch. This will be done with Logstash. To install this tool, issue the commands:

cd /tmp
wget https://artifacts.elastic.co/downloads/logstash/logstash-6.3.2.deb
sudo dpkg -i logstash-6.3.2.deb

Open the Logstash configuration file with the command:

sudo nano /etc/logstash/logstash.yml

Change the following line:

# http.host: "127.0.0.1"

Remove the # character and change the IP address to your hosting server IP. Save and close that file.

Start and enable the Logstash service with the commands:

sudo systemctl enable logstash.service
sudo systemctl start logstash.service

Point your browser to http://SERVER_IP:5601, and you are ready to begin working. Congratulations, you now have a powerful search engine installed and ready to go. I highly recommend you head over to the official Elasticsearch documentation to learn more on how to create searches.