ELK Stack Implementation on Windows
Step 1: I have downloaded Logstash, Kibana and ElasticSearch on one Windows server from the below-mentioned website: http://www.elasticsearch.org/overview/elkdownloads/
Logstash: https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.zip
Kibana: https://download.elasticsearch.org/kibana/kibana/kibana-3.1.0.zip
Elasticsearch: https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.2.1.zip
Step 2: Extracted all packages. I created myself a folder called “Mathan” in “c:\Mathan\” and extracted all folders there to make it easier.
So, for me it looks like this now:
c:\Mathan\elasticsearch
c:\Mathan\kibana
c:\Mathan\logstash
Step 3: Downloaded the JDK version of Java and installed it. Went to the Java website: http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
Accepted the license and then downloaded the “Windows x64 (jdk-8u5-windows-x64.exe)” package.
Step 4: I have set the JDK environment variable.
Variable value: C:\Program Files\Java\jdk1.8.0_05
Step 5: Opened a console, went to “c:\Mathan\elasticsearch\bin\” and typed the following command:
service install
Service has been installed successfully.
Now I typed the following:
service manager
We should see the elasticsearch service manager:
I have changed on the tab the “Startup type” from Manual to Automatic and then pressed “Apply”. This should make Elasticsearch start automatically on server boot.
This is everything needed to start ElasticSearch automatically on boot. To test that it is working, I opened a browser and went to this URL: http://127.0.0.1:9200/
Step 6: Installing Logstash
In order to create a proper Windows service, I downloaded “NSSM” (the Non-Sucking Service Manager) from: http://nssm.cc/
http://nssm.cc/release/nssm-2.23.zip
I have unzipped it and copied the file from the unzipped folder to “C:\Mathan\logstash\bin”, so it should result in us having “C:\Mathan\logstash\bin\nssm.exe”.
Now open a Command Prompt and type:
cd C:\Mathan\logstash\bin
And then typed the following:
nssm install logstash
Logstash service installed and started successfully.
Step 7: Configuring Kibana (I am not aware how to configure the Kibana JSON file depending upon our requirement)
Step 8: I have downloaded the required configuration files from the below-mentioned link:
https://gist.github.com/robinsmidsrod/4215337
Placed this file in:
C:\Mathan\logstash\bin
Currently I am testing with 3 Windows servers.
Nxlog has been configured on the remaining 2 Windows client servers.
Please see my current setup:
1) ELK server (Windows)
2) Client server 1 (Windows)
3) Client server 2 (Windows)
I am not aware how to proceed further for visualizing event logs in the Kibana dashboard. Kindly help.
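The Logstash piece that connects the nxlog clients to the Elasticsearch service from Step 5 can look like the following. This is an added example, not part of the original transcript and not the contents of the gist; the port number 3515 and the EventTime field name are assumptions that have to match the nxlog output configured on the clients.

```logstash
# Added example, not the gist's contents. Port 3515 and the EventTime
# field name are assumptions; match them to the nxlog output on the clients.
input {
  tcp {
    # nxlog clients (om_tcp + to_json) connect here, one JSON event per line.
    # This listener is plaintext and unauthenticated: limit it in Windows
    # Firewall to the two client servers' addresses.
    port  => 3515
    codec => json_lines
    type  => "eventlog"
  }
}

filter {
  if [type] == "eventlog" {
    # Use the time the event was logged on the client, not the arrival time.
    date {
      match => ["EventTime", "YYYY-MM-dd HH:mm:ss"]
    }
  }
}

output {
  elasticsearch {
    # Elasticsearch from Step 5, on the same server. The http protocol avoids
    # the node-client version coupling between Logstash 1.4.2 and ES 1.2.1.
    host     => "127.0.0.1"
    protocol => "http"
    # Daily logstash-* indices are what Kibana 3's bundled Logstash
    # dashboard queries.
    index    => "logstash-%{+YYYY.MM.dd}"
  }
}
```

Logstash 1.4.2 loads a file like this with `bin\logstash.bat agent -f <file>`, which is the command line the NSSM service from Step 6 has to run.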