This comprehensive guide offers a clear, step-by-step walkthrough for installing and setting up the ELK Stack — which includes Elasticsearch, Logstash, and Kibana — on a virtual server running CentOS 7. Whether you're a system administrator, DevOps engineer, or developer looking to implement centralized log management and powerful data visualization, this tutorial will help you get started with a production-ready setup. By the end of this guide, you’ll have a fully operational ELK Stack configured to collect, process, and display log data in real time.
What Is the ELK Stack?
ELK stands for Elasticsearch, Logstash, and Kibana:
- Elasticsearch — a powerful search and analytics engine.
- Logstash — a data processing pipeline that ingests, transforms, and forwards data.
- Kibana — a visualization interface that lets you explore and analyze data stored in Elasticsearch.
Together, these tools provide a flexible and scalable log management and data analysis solution.
System Requirements
To ensure stable performance, your server should meet the following minimum requirements:
- RAM: 4 GB
- CPU: 2 cores
Step 1: Install Java
The ELK stack requires Java. Install it using:
Verify the installation:
Step 2: Install and Configure Elasticsearch
Add Elasticsearch GPG Key:
Add Elasticsearch Repository:
Create the file:
Add the following content:
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
Install Elasticsearch:
Configure Elasticsearch:
Edit the config file:
Uncomment and set the following:
network.host: localhost
http.port: 9200
Edit the sysconfig file:
Set:
Enable and Start Elasticsearch:
systemctl enable elasticsearch
systemctl start elasticsearch
Step 3: Install and Configure Kibana
Download and Install Kibana:
rpm -ivh kibana-6.2.4-x86_64.rpm
Configure Kibana:
Set the following values:
server.host: "[Your_Server_IP]"
elasticsearch.url: "http://localhost:9200"
Enable and Start Kibana:
systemctl start kibana
Open Firewall Port:
sudo firewall-cmd --reload
Step 4: Set Up Nginx as a Reverse Proxy (Optional but Recommended)
Install NGINX and Utilities:
Refer to this guide for basic NGINX installation.
Create NGINX Virtual Host:
Example config:
listen 80;
server_name your-server-ip;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.kibana;
location / {
proxy_pass http://localhost:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Create Authentication File:
Restart NGINX:
Step 5: Install and Configure Logstash
Download and Install:
Enable and Start Logstash:
Step 6: Access Kibana
After completing all steps, open your browser and navigate to:
Example:
You’re now ready to start exploring and visualizing your data with Kibana!
Need help with data pipelines or dashboards? Explore more ELK Stack tutorials on our site