Skip to content

3. Special Things to Note on ELK

Jump to bottom
MohanprasadKumar ST edited this page May 19, 2021 · 3 revisions

Special Things to Note on ELK

  1. Install Beats to collect files / metrics / health / packet of a server - Ex: apt-get install metricbeat
  2. Make sure elasticsearch.yml, kibana.yml, filebeat.yml & metricbeat.yml are configured for your requirement
  3. you can set password for elasticsearch by going to /usr/share/elasticsearch location and running bin/elasticsearch-setup-passwords interactive
    1. bin/logstash --config.test_and_exit -f <path_to_config_file> - use the following command to check .conf is perfectly fine

Before changing you need to make sure xpack.security.enabled: true is added to elasticsearch.yml

1. default user - elastic
2. After changing you need to add username and password to **`kibana.yml`**
  1. You need to change respective beats .yml file to collect respective details and display on Kibana
  2. Use filebeat modules enable system to make default monitoring enable for filebeat
  • filebeat modules list to get list of defaults it will monitor
Clone this wiki locally