Elasticsearch + Logstash + Kibana install X-Pack in the software package,

Elasticsearch + Logstash + Kibana install X-Pack in the software package,
Elasticsearch + Logstash + Kibana install X-Pack

X-Pack is an extension of an Elastic Stack that includes security, alarms, monitoring, reporting, graphics, and machine learning functions in an easy-to-install software package.

1. install X-Pack in elasticsearch

Follow these steps to install x-pack in elasticsearch:

1. 1. Download x-pack

A .:

Note: The same zip file contains plug-ins for Elasticsearch, Kibana, and Logstash. If you have downloaded this file and installed x-pack on one of the products, you can reuse the same file.

B. Transfer the zip file to the temporary directory on the server. (Do not put files in the eelasticsearch plug-in directory .)

1. 2. install x-pack on the server

# bin/elasticsearch-plugin install file:///usr/local/plugins/x-pack-6.1.1.zip

Note: the absolute path of the zip file must be specified after file: // protocol.

A. Add these permissions during the installation process to set threat context loader

[=================================================] 100%?? @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@     WARNING: plugin requires additional permissions     @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@* java.io.FilePermission \\.\pipe\* read,write* java.lang.RuntimePermission accessClassInPackage.com.sun.activation.registries* java.lang.RuntimePermission getClassLoader* java.lang.RuntimePermission setContextClassLoader* java.lang.RuntimePermission setFactory* java.net.SocketPermission * connect,accept,resolve* java.security.SecurityPermission createPolicy.JavaPolicy* java.security.SecurityPermission getPolicy* java.security.SecurityPermission putProviderProperty.BC* java.security.SecurityPermission setPolicy* java.util.PropertyPermission * read,writeSee http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.htmlfor descriptions of what these permissions allow and the associated risks.Continue with installation? [y/N]y

B. x-pack requires permissions to start the machine learning analysis engine. The local Controller ensures that the startup process is an effective machine learning component. Once started, the communication between the machine learning process and elasticsearch is limited to operating system users.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@        WARNING: plugin forks a native controller        @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@This plugin launches a native controller that is not subject to the Javasecurity manager nor to system call filters.Continue with installation? [y/N]y

Note: x-pack does not support linux-x86, an error will be reported at startup, the following error:

org.elasticsearch.ElasticsearchException: X-Pack is not supported and Machine Learning is not available for [linux-x86]; you can use the other X-Pack features (unsupported) by setting xpack.ml.enabled: false in elasticsearch.yml

Solution: Add xpack. ml. enabled: false to config/elasticsearch. yml.

1. 3. Set the initial password of the default account

A. Use bin/x-pack/setup-passwords interactive to randomly generate new passwords for elasticsearch, kibana, and logstash_system users.

B. Use bin/x-pack/setup-passwords interactive to set a new password for elasticsearch, kibana, and logstash_system users.

2. logstash installation X-Pack2.1. Install with the x-pack that has been downloaded above

# bin/logstash-plugin install file:///usr/local/plugins/x-pack-6.1.1.zip

2. 2. When you install x-pack on elasticsearch, you and other built-in users set this password. You must set a new password for xpack. monitoring. elasticsearch. password in logstash. yml for the logstash_system User:

Xpack. monitoring. elasticsearch. username: logstash_systemxpack.monitoring.elasticsearch.password: the password is generated in Step 1.3.

3. install X-Pack in kibana

An overview of the steps required to set x-pack on Kibana:

. Use the x-pack downloaded above for Installation

# bin/kibana-plugin install file:///usr/local/plugins/x-pack-6.1.1.zip

2. Modify the user name and password in oonfig/kibana. yml

Elasticsearch. username: "elastic" elasticsearch. password: the password generated in Step 1.3.

4. Cancel logon verification. Add the following to elasticsearch and kibana configurations:

xpack.security.enabled: false