@ChenTsungYu
Forked from mingderwang/elk.sh
Created April 14, 2021 07:26
Bash Script to Install Elastic Search, Logstash and Kibana
#!/bin/bash
# You have to pass a hostname as the script's only argument: either "elk1", "elk2", or "elk3"
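# --- Argument handling and pre-flight checks ---------------------------
# Exactly one argument is expected: this node's hostname. rpm_elk later
# appends it to /etc/hosts and splices it into a sed program that runs under
# sudo, so it is restricted here to plain hostname characters.
if [ $# -ne 1 ]; then
  echo "Usage: ./elk.sh HOSTNAME, where HOSTNAME is an argument as a unique hostname for the elasticsearch cluster, either \"elk1\", \"elk2\", or \"elk3\"" >&2
  exit 1
fi

hostname_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
if [[ ! $1 =~ $hostname_re ]]; then
  echo "Invalid hostname '$1': only letters, digits, '.', '_' and '-' are allowed" >&2
  exit 1
fi
echo "my hostname: $1"
MY_HOSTNAME=$1

# Takes the address from the last line `ip addr` prints for an interface in
# "state UP". With several UP interfaces the last one listed wins, which may
# not be the cluster-facing one -- check the value echoed below.
MY_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
if [ -z "$MY_IP" ]; then
  echo "Warning: could not detect an IP address on an UP interface" >&2
fi
echo "my ip is $MY_IP"

# Checking whether user has enough permission to run this script.
# `sudo -n` never prompts: it fails immediately if a password would be needed.
if ! sudo -n true; then
  echo "This script requires user to have passwordless sudo access" >&2
  exit 1
fi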
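#######################################
# Ensure a Java 8+ runtime on a Debian-family host.
# Installs openjdk-8-jre-headless when `java -version` fails or reports a
# major version below 8 (Logstash and Elasticsearch require Java 8 or later).
# Outputs:  the `java -version` banner, on stderr
# Returns:  status of apt-get when an install is attempted, otherwise 0
#######################################
dependency_check_deb() {
  local banner version major

  # The banner is captured in memory rather than written to a fixed
  # /tmp/version file: a predictable name in a world-writable directory can
  # be pre-created or symlinked by another local user.
  if ! banner=$(java -version 2>&1); then
    printf '%s\n' "$banner" >&2
    # Installing Java 8 if it's not installed
    sudo apt-get install openjdk-8-jre-headless -y
    return
  fi
  printf '%s\n' "$banner" >&2

  # The version is the quoted string on the banner line containing "version",
  # e.g. "1.7.0_80" (legacy 1.x scheme) or "11.0.10" (current scheme).
  version=$(printf '%s\n' "$banner" | awk -F'"' '/version/ { print $2; exit }')
  case "$version" in
    1.*)
      major=${version#1.}
      major=${major%%[!0-9]*}
      ;;
    *)
      major=${version%%[!0-9]*}
      ;;
  esac

  # An unparsable banner leaves major empty and nothing is installed.
  # 10# forces base 10 so a leading zero is not read as octal.
  if [[ -n "$major" ]] && ((10#$major < 8)); then
    sudo apt-get install openjdk-8-jre-headless -y
  fi
}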
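#######################################
# Ensure a Java 8+ runtime on a RedHat-family host.
# Installs jre-1.8.0-openjdk when `java -version` fails or reports a major
# version below 8 (Logstash and Elasticsearch require Java 8 or later).
# Outputs:  the `java -version` banner, on stderr
# Returns:  status of yum when an install is attempted, otherwise 0
#######################################
dependency_check_rpm() {
  local banner version major

  # The banner is captured in memory rather than written to a fixed
  # /tmp/version file: a predictable name in a world-writable directory can
  # be pre-created or symlinked by another local user.
  if ! banner=$(java -version 2>&1); then
    printf '%s\n' "$banner" >&2
    # Installing Java 8 if it's not installed
    sudo yum install jre-1.8.0-openjdk -y
    return
  fi
  printf '%s\n' "$banner" >&2

  # The version is the quoted string on the banner line containing "version",
  # e.g. "1.7.0_80" (legacy 1.x scheme) or "11.0.10" (current scheme).
  version=$(printf '%s\n' "$banner" | awk -F'"' '/version/ { print $2; exit }')
  case "$version" in
    1.*)
      major=${version#1.}
      major=${major%%[!0-9]*}
      ;;
    *)
      major=${version%%[!0-9]*}
      ;;
  esac

  # An unparsable banner leaves major empty and nothing is installed.
  # 10# forces base 10 so a leading zero is not read as octal.
  if [[ -n "$major" ]] && ((10#$major < 8)); then
    sudo yum install jre-1.8.0-openjdk -y
  fi
}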
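#######################################
# Install Logstash 2.1.1, Elasticsearch 2.1.0 and Kibana 4.3.0 on a
# Debian-family host, then start all three.
# Returns:  1 as soon as a download, package install or extract step fails;
#           otherwise 0 (Kibana is started in the background).
#######################################
debian_elk() {
  # NOTE(review): the artifacts below are fetched over HTTPS but are not
  # checked against a published checksum or signature before being installed
  # as root, and the pinned 2.x/4.x releases predate this script by years --
  # confirm they still receive security fixes before using them.

  # resynchronize the package index files from their sources (best effort).
  sudo apt-get update

  # Every download is checked: without that, a failed fetch would let the
  # following dpkg/tar step pick up a stale or partial file left in /opt.

  # Downloading debian package of logstash
  sudo wget --directory-prefix=/opt/ https://download.elastic.co/logstash/logstash/packages/debian/logstash_2.1.1-1_all.deb || return 1
  # Install logstash debian package
  sudo dpkg -i /opt/logstash_2.1.1-1_all.deb || return 1

  # Downloading debian package of elasticsearch
  sudo wget --directory-prefix=/opt/ https://download.elasticsearch.org/elasticsearch/release/org/elasticsearch/distribution/deb/elasticsearch/2.1.0/elasticsearch-2.1.0.deb || return 1
  # Install debian package of elasticsearch
  sudo dpkg -i /opt/elasticsearch-2.1.0.deb || return 1

  # Download kibana tarball in /opt
  sudo wget --directory-prefix=/opt/ https://download.elastic.co/kibana/kibana/kibana-4.3.0-linux-x64.tar.gz || return 1
  # Extracting kibana tarball
  sudo tar zxf /opt/kibana-4.3.0-linux-x64.tar.gz -C /opt/ || return 1

  # Starting The Services
  sudo service logstash start
  sudo service elasticsearch start
  # NOTE(review): Kibana is launched as root and detached with '&', so it is
  # unsupervised and its exit status is never seen. A dedicated unprivileged
  # service account would limit the impact of a Kibana compromise.
  sudo /opt/kibana-4.3.0-linux-x64/bin/kibana &
}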
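#######################################
# Install Logstash, Elasticsearch, Kibana, Filebeat and Metricbeat 5.5.0 on a
# RedHat-family host, configure this node as a member of the three-node
# "bimap-cluster" and start the services.
# Globals:  MY_HOSTNAME (read) - node name, also added to /etc/hosts
#           MY_IP (read)       - address paired with MY_HOSTNAME in /etc/hosts
# Returns:  1 if MY_HOSTNAME is not a plain hostname, or as soon as a
#           download or rpm install fails. rpm -i normally refuses a package
#           that is already installed, so a second run stops at the first
#           rpm step instead of appending the configuration twice.
#######################################
rpm_elk() {
  local hostname_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'

  # MY_HOSTNAME is appended to /etc/hosts and spliced into a sed program that
  # runs as root; refuse anything that is not a plain hostname so '/', '&',
  # whitespace or quotes can never reach those commands.
  if [[ ! ${MY_HOSTNAME:-} =~ $hostname_re ]]; then
    echo "rpm_elk: MY_HOSTNAME must be a plain hostname (letters, digits, '.', '_', '-')" >&2
    return 1
  fi

  # NOTE(review): the RPMs below are fetched over HTTPS but are not checked
  # against a published checksum or signature before being installed as root.

  #Installing wget.
  sudo yum install wget -y

  # Downloading rpm package of logstash
  sudo wget --directory-prefix=/opt/ https://artifacts.elastic.co/downloads/logstash/logstash-5.5.0.rpm || return 1
  # Install logstash rpm package
  sudo rpm -ivh /opt/logstash-5.5.0.rpm || return 1

  # Downloading rpm package of elasticsearch
  sudo wget --directory-prefix=/opt/ https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.5.0.rpm || return 1
  # Install rpm package of elasticsearch
  sudo rpm -ivh /opt/elasticsearch-5.5.0.rpm || return 1

  # Download kibana rpm in /opt
  sudo wget --directory-prefix=/opt/ https://artifacts.elastic.co/downloads/kibana/kibana-5.5.0-x86_64.rpm || return 1
  # Install rpm package of kibana
  sudo rpm -ivh /opt/kibana-5.5.0-x86_64.rpm || return 1

  # change elasticsearch cluster config
  # The redirection in `sudo echo ... >> /etc/hosts` is opened by the calling
  # (unprivileged) shell, so the write has to go through `sudo tee` instead.
  if [[ -n "${MY_IP:-}" ]]; then
    printf '%s %s\n' "$MY_IP" "$MY_HOSTNAME" | sudo tee -a /etc/hosts >/dev/null
  else
    echo "rpm_elk: MY_IP is empty, not adding an /etc/hosts entry" >&2
  fi

  # NOTE(review): 0.0.0.0 makes Elasticsearch and Kibana listen on every
  # interface, and nothing in this script enables authentication or TLS.
  # Restrict the Elasticsearch HTTP/transport ports and the Kibana port to
  # the cluster peers and admin hosts with a host firewall, or bind to the
  # cluster-facing address instead.
  sudo sed -i 's/#network.host: 192.168.0.1/network.host: 0.0.0.0/' /etc/elasticsearch/elasticsearch.yml
  sudo sed -i 's/#server.host: "localhost"/server.host: "0.0.0.0"/' /etc/kibana/kibana.yml
  sudo sed -i 's/#discovery.zen.ping.unicast.hosts: \["host1", "host2"\]/discovery.zen.ping.unicast.hosts: \["elk1:9300", "elk2:9300", "elk3:9300"\]/g' /etc/elasticsearch/elasticsearch.yml
  sudo sed -i 's/#cluster.name: my-application/cluster.name: bimap-cluster/' /etc/elasticsearch/elasticsearch.yml
  # Quoted as a single word; MY_HOSTNAME was validated above.
  sudo sed -i "s/#node.name: node-1/node.name: ${MY_HOSTNAME}/" /etc/elasticsearch/elasticsearch.yml
  printf 'node.master: true\nnode.data: true\n\n' | sudo tee -a /etc/elasticsearch/elasticsearch.yml

  # Starting The Services
  sudo service logstash start
  sudo service elasticsearch start
  sudo service kibana start

  # install redis
  # NOTE(review): left disabled. As written it would fetch an RPM over plain
  # FTP from a bare IP address with no integrity check; use a verified
  # repository if redis is ever needed.
  #sudo wget --directory-prefix=/opt/ ftp://195.220.108.108/linux/centos/7.3.1611/extras/x86_64/Packages/epel-release-7-9.noarch.rpm
  #sudo rpm -ivh /opt/epel-release-7-9.noarch.rpm
  #sudo yum update
  #sudo yum install redis -y
  #sudo systemctl start redis.service

  # install filebeat
  sudo wget --directory-prefix=/opt/ https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-5.5.0-x86_64.rpm || return 1
  sudo rpm -vi /opt/filebeat-5.5.0-x86_64.rpm || return 1

  # install metricbeat
  sudo wget --directory-prefix=/opt/ https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-5.5.0-x86_64.rpm || return 1
  sudo rpm -vi /opt/metricbeat-5.5.0-x86_64.rpm || return 1
  sudo service metricbeat start
}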
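# Installing ELK Stack
# The installer is chosen from the distribution name found in /etc/*release.
# grep -q is used as the condition directly; only its exit status matters.
if grep -qEi 'debian|buntu|mint' /etc/*release; then
  echo " It's a Debian based system"
  dependency_check_deb
  debian_elk
elif grep -qEi 'fedora|redhat|centos' /etc/*release; then
  echo "It's a RedHat based system."
  dependency_check_rpm
  rpm_elk
else
  # Report failure through the exit status so wrappers and provisioning
  # tools do not treat an unsupported host as a successful install.
  echo "This script doesn't support ELK installation on this OS." >&2
  exit 1
fi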