How to Set Up Monitoring with ELK Stack


The ELK (Elasticsearch, Logstash, and Kibana) stack is a powerful open-source toolset for log management and analytics. It can be used to collect, process, and visualize data from a variety of sources, including servers, applications, and network devices. In this article, we will walk you through how to set up the ELK stack for monitoring your infrastructure.

## Prerequisites

Before you begin, you will need the following:

* A server running a Linux distribution
* The ELK stack software
* A data source to monitor
## Installing the ELK Stack

To install the ELK stack, follow these steps:

1. Download the ELK stack from the official website.
2. Unzip the downloaded file.
3. Run the following command to install the ELK stack:
```
sudo ./install-elk
```
4. Follow the on-screen instructions to complete the installation.
## Configuring Elasticsearch

Once the ELK stack is installed, you need to configure Elasticsearch. Elasticsearch is the data store for the ELK stack. It is responsible for storing and indexing the data that you collect.

To configure Elasticsearch, open the `` file located in the `/etc/elasticsearch` directory. Make the following changes to the file:

```
: my-elasticsearch-cluster
: my-elasticsearch-node
: 0.0.0.0
: ["localhost"]
```

Save the file and restart Elasticsearch.

## Configuring Logstash

Logstash is the data collection engine for the ELK stack. It is responsible for collecting data from your data sources and sending it to Elasticsearch.

To configure Logstash, open the `` file located in the `/etc/logstash` directory. Make the following changes to the file:

```
# Read events from the system log
input {
  file {
    path => "/var/log/syslog"
  }
}
# Send the events to the local Elasticsearch node
output {
  elasticsearch {
    hosts => ["localhost:9200"]
  }
}
```

Save the file and restart Logstash.

## Configuring Kibana

Kibana is the data visualization engine for the ELK stack. It is responsible for creating dashboards and reports that you can use to visualize your data.

To configure Kibana, open the `` file located in the `/etc/kibana` directory. Make the following changes to the file:

```
: 5601
: ["localhost:9200"]
```

Save the file and restart Kibana.

## Testing Your Setup
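
The Elasticsearch settings above include the address `0.0.0.0`, so after the restarts it is worth confirming on the server which interfaces ports 9200 and 5601 are actually listening on. The script below is an added example, not part of the original article; it parses `ss -ltn` output, and the sample input and the function names `exposed_listeners` and `report_exposure` are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): find ELK ports listening on every interface.
# 9200 (Elasticsearch) and 5601 (Kibana) are the ports the article uses.

# exposed_listeners PORT...
# Reads `ss -ltn` output on stdin; prints "PORT ADDRESS" for each requested
# port whose listener is bound to a wildcard address.
exposed_listeners() {
  awk -v ports="$*" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    $1 == "LISTEN" {
      port = $4; sub(/.*:/, "", port)       # text after the last colon
      addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
      if ((port in want) && (addr == "0.0.0.0" || addr == "*" || addr == "[::]"))
        print port, addr
    }'
}

# Constructed sample of `ss -ltn` output for a host where Elasticsearch binds
# to all interfaces and Kibana binds to loopback only.
SAMPLE_SS_OUTPUT='State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN 0      128    0.0.0.0:22           0.0.0.0:*
LISTEN 0      4096   *:9200               *:*
LISTEN 0      4096   *:9300               *:*
LISTEN 0      511    127.0.0.1:5601       0.0.0.0:*
LISTEN 0      4096   [::1]:9600           [::]:*'

# report_exposure: prints findings for the ss output on stdin; returns 1 if any.
report_exposure() {
  found=$(exposed_listeners 9200 5601)
  if [ -z "$found" ]; then
    echo "OK: 9200/5601 not bound to a wildcard address"
    return 0
  fi
  echo "$found" | while read -r port addr; do
    echo "EXPOSED: port $port listens on $addr (all interfaces)"
  done
  return 1
}

# Demo on the sample; on a real host use:  ss -ltn | report_exposure
printf '%s\n' "$SAMPLE_SS_OUTPUT" | report_exposure || true
```

A port reported as exposed is reachable from any network the server is attached to, so it should be covered by a host firewall rule or rebound to a specific interface address.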

To test your setup, run the following command:

```
curl -XGET "localhost:9200/_cat/indices?v"
```

You should see a list of indices that have been created in Elasticsearch. This means that your setup is working correctly.

## Monitoring Your Infrastructure

Now that your ELK stack is set up, you can start monitoring your infrastructure. To do this, you will need to create a data source in Kibana.

To create a data source, click on the "Management" tab in Kibana. Then, click on the "Data Sources" link. Click on the "Add Data Source" button and select the "Elasticsearch" data source type.

Enter the following information in the form:

* Name: My Elasticsearch Data Source
* Host: localhost
* Port: 9200

Click on the "Save" button to create the data source.

Once you have created a data source, you can start creating dashboards and reports. Dashboards are used to visualize your data in a graphical way. Reports are used to generate reports on your data.

To create a dashboard, click on the "Dashboards" tab in Kibana. Then, click on the "Create Dashboard" button.

To create a report, click on the "Reports" tab in Kibana. Then, click on the "Create Report" button.

## Conclusion

The ELK stack is a powerful tool that can be used to monitor your infrastructure. In this article, we walked you through how to set up the ELK stack and how to use it to monitor your infrastructure.

2025-01-18

