Great news, everyone! Kibana 4 is no longer in beta and has been released to the masses.
In this guide, I will show you how to get started installing Kibana 4 and Elasticsearch in a Linux environment. I will be using Ubuntu Server 14.04 in my examples.
For those who do not know, Kibana is an interface for exploring data through graphical visualizations. Kibana 4 is the latest release from the people over at Elastic. Kibana 4 offers a much better interface for sorting through your data.
Download and Install Java
If you are doing this on a fresh install of Ubuntu (like me), the first thing you’re going to need to do is install Java. Elasticsearch requires at least Java 7 to run, so let’s set that up. I will be using Java 8 in this example, but you can run 7 or OpenJDK if you wish.
Open a terminal window (ctrl+shift+t) and type…
sudo apt-add-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer
Once you have accepted the license agreement, Java is ready to go.
Download and Install Elasticsearch
Open another terminal window (ctrl+alt+t) and type…
cd ~
wget -O - http://packages.elasticsearch.org/GPG-KEY-elasticsearch | sudo apt-key add -
echo 'deb http://packages.elasticsearch.org/elasticsearch/1.5/debian stable main' | sudo tee /etc/apt/sources.list.d/elasticsearch.list
sudo apt-get update
sudo apt-get install elasticsearch
The commands above will install Elasticsearch on your machine.
The next thing we need to do is to give our Elasticsearch cluster a name. To do this, type in this command…
sudo sed -i -e 's|#cluster.name: elasticsearch|cluster.name: kibana|' /etc/elasticsearch/elasticsearch.yml
Now you need to tell your machine to run Elasticsearch every time the machine boots up. To do that, type…
sudo update-rc.d elasticsearch defaults 95 10
sudo /etc/init.d/elasticsearch start
And now you have Elasticsearch running on your machine. You can check by typing “sudo service elasticsearch status” in the terminal window, or by opening up a browser and going to http://127.0.0.1:9200 and seeing a result similar to this…
{
  "status" : 200,
  "name" : "Karen Page",
  "cluster_name" : "kibana",
  "version" : {
    "number" : "1.5.2",
    "build_hash" : "62ff9868b4c8a0c45860bebb259e21980778ab1c",
    "build_timestamp" : "2015-04-27T09:21:06Z",
    "build_snapshot" : false,
    "lucene_version" : "4.10.4"
  },
  "tagline" : "You Know, for Search"
}
Download and Install Kibana 4
Now that Elasticsearch is installed on our machine, we can go ahead and set up Kibana 4. Unlike previous versions of Kibana, Kibana 4 does not use Apache to run.
Open up another terminal window (ctrl+shift+t) and type in these commands…
cd ~
wget https://download.elastic.co/kibana/kibana/kibana-4.1.0-linux-x64.tar.gz
tar xvf kibana-4.1.0-linux-x64.tar.gz
sudo mv ~/kibana-4.1.0-linux-x64 /opt/kibana
Now we need to have Kibana 4 start up when the machine boots so we need to have it run as a service. To do that, type in these commands in a terminal window…
sudo wget --output-document="/etc/init.d/kibana4" https://raw.githubusercontent.com/akabdog/scripts/master/kibana4_init
sudo chmod +x /etc/init.d/kibana4
sudo update-rc.d kibana4 defaults 96 9
sudo service kibana4 start
You can check to see if Kibana is working properly by going to http://127.0.0.1:5601/ in your browser of choice. And that is it in terms of installing Kibana 4 and Elasticsearch. Part 2 of this blog post on setting up Logstash for your Cisco ASA syslogs is over here.
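The Kibana service step above writes a script fetched from a repository's master branch straight into /etc/init.d, where it runs as root at every boot. The following is an added example, not part of the original guide or of the script's project: it stages the download, lets you review it, and installs it only if it matches a SHA-256 you pinned after review. The function names, the SUDO variable and the PINNED_SHA256 placeholder are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original guide): verify a staged download against
# a pinned SHA-256 before installing it into a root-owned location.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 if FILE is missing.
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case digests
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "SHA-256 mismatch for $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# install_verified SRC EXPECTED_HEX DEST [MODE]
# Copies SRC to DEST only when the digest matches. Set SUDO=sudo when DEST is
# root-owned (SUDO is a variable of this example, empty by default).
install_verified() {
    src=$1; expected=$2; dest=$3; mode=${4:-0755}
    verify_sha256 "$src" "$expected" || return 1
    ${SUDO:-} install -m "$mode" "$src" "$dest"
}

# Usage with the guide's init script. PINNED_SHA256 is a placeholder: record the
# digest of the copy you have read and approved; it is not published on the page.
#
#   tmp=$(mktemp)
#   wget --output-document="$tmp" https://raw.githubusercontent.com/akabdog/scripts/master/kibana4_init
#   less "$tmp"                      # review what will run as root at boot
#   sha256sum "$tmp"                 # pin this value after review
#   SUDO=sudo install_verified "$tmp" "$PINNED_SHA256" /etc/init.d/kibana4 0755
```

The same two functions work for the Kibana tarball before it is unpacked into /opt/kibana, given a digest you trust for that file.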