AWS ELK on Ubuntu 21.04

This AMI provides a built-in ELK (Elasticsearch, Logstash, and Kibana) stack on the AWS cloud that can be customized to each user's preferences. This solution is ideal for users who want the full functionality of an ELK stack and want to save time on installing the software. We have installed all the ELK components on an Ubuntu environment so that you can start your data analysis immediately. With just a few clicks, you can provision an ELK instance in less than a minute.

After you have provisioned the AMI, go to the AWS console where you set up your EC2 instance (for example, go to the EC2 console in the Oregon region under your AWS account). Click on the instance you launched, and copy the public DNS (IPv4) address or the IPv4 Public IP address.

Public DNS (IPv4) and IPv4 Public IP in AWS EC2

Wait a few minutes for Kibana to be provisioned. Then paste https://{IPv4 Public IP}:5601 into your web browser, and it will bring you to the Kibana launch page.

You can further customize the ELK stack by connecting to the instance over SSH using the following command:

ssh -i {certificate}.pem ubuntu@ec2-XX-XXX-XXX-X.us-west-2.compute.amazonaws.com

Elasticsearch

This documentation guides you through getting started with Elasticsearch.

From the command line, run curl -X GET "localhost:9200/" to check whether Elasticsearch is running. If it is, the response looks like this:

{
  "name" : "ip-172-31-28-88",
  "cluster_name" : "my-application",
  "cluster_uuid" : "dLfzIIfwSEWOnuu5i1I6OQ",
  "version" : {
    "number" : "7.2.0",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "508c38a",
    "build_date" : "2019-06-20T15:54:18.811730Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

Alternatively, you can check the status with sudo service elasticsearch status. If the service is down, run sudo service elasticsearch restart to restart the service, or sudo service elasticsearch stop to stop it. Wait at least 30 seconds before checking the status again.

By default, all three services will automatically start when you launch the instance.

Start using Elasticsearch with Introduction to Indexing.

Logstash

Use sudo service logstash status to check the status.

Follow this tutorial (https://www.elastic.co/blog/a-practical-introduction-to-logstas) to get started on a Logstash pipeline.

Kibana

Use sudo service kibana status to check the status.

Refer to the Kibana user guide to start adding sample data!

Troubleshooting

Scenario 1.

If Kibana doesn't show up in the web browser, reboot the instance from the AWS console.

Scenario 2.

If you encounter a page indicating that the connection is not private, there is a workaround. Click anywhere on the error page and type thisisunsafe. (See references 4 and 5.)
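
A check to run before using the workaround in Scenario 2, added here as an example and not part of the original documentation: it compares the SHA-256 fingerprint of the certificate presented on port 5601 as seen from your workstation with the one seen from inside the instance over SSH. It assumes Kibana serves TLS on port 5601 on both the public address and localhost and that openssl is installed on both machines; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the AMI vendor): confirm the certificate behind the
# browser warning is the instance's own before bypassing the warning.
# Assumption: Kibana serves TLS on port 5601 on the public address and localhost.

# normalize_fp LINE: reduce an "openssl x509 -fingerprint" line to uppercase hex.
normalize_fp() {
    printf '%s' "$1" | sed 's/^.*=//' | tr -d ': \n' | tr 'abcdef' 'ABCDEF'
}

# fp_match A B: succeed only if both are the same 64-hex-digit SHA-256 value.
fp_match() {
    a=$(normalize_fp "$1")
    b=$(normalize_fp "$2")
    case "$a" in
        ''|*[!0-9A-F]*) return 1 ;;   # empty or non-hex input never matches
    esac
    [ "${#a}" -eq 64 ] && [ "$a" = "$b" ]
}

# served_fp HOST: fingerprint of the certificate HOST presents on port 5601.
served_fp() {
    openssl s_client -connect "$1:5601" </dev/null 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256
}

# verify_kibana_cert KEYFILE PUBLIC_DNS: compare the workstation's view with the
# instance's own view, fetched over the same SSH login the page uses.
verify_kibana_cert() {
    remote='openssl s_client -connect localhost:5601 </dev/null 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256'
    outside=$(served_fp "$2") || return 2
    inside=$(ssh -i "$1" "ubuntu@$2" "$remote") || return 2
    if fp_match "$outside" "$inside"; then
        echo "match: $(normalize_fp "$outside")"
    else
        echo "MISMATCH: the certificate seen from outside is not the instance's" >&2
        return 1
    fi
}

# Run only when called with a key file and the instance's public DNS name.
if [ "$#" -eq 2 ]; then
    verify_kibana_cert "$1" "$2"
fi
```

On a match, compare the printed value with the SHA-256 fingerprint shown in the browser's certificate viewer for the warning page.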

Reference

  1. Install Elasticsearch with Debian Package
  2. Installing Logstash
  3. Install Kibana with Debian Package
  4. No “Proceed Anyway” option on NET::ERR_CERT_INVALID in Chrome on MacOS
  5. NET::ERR_CERT_REVOKED Chrome MacOS home server
