After you install Logstash, you can optionally obtain and install X-Pack. For more information about how to obtain X-Pack, see https://www.elastic.co/products/x-pack.
To use X-Pack you need:
- Elasticsearch 6.0.1 - Installing Elasticsearch
- Kibana 6.0.1 - Getting Kibana Up and Running
You must install X-Pack on Elasticsearch, Kibana, and Logstash, using the version of X-Pack that matches of the version the product. See the Elastic Support Matrix for more information about product compatibility.
If you are installing X-Pack for the first time on an existing cluster, you must perform a full cluster restart. Installing X-Pack enables security and security must be enabled on ALL nodes in a cluster for the cluster to operate correctly. When upgrading you can usually perform a rolling upgrade.
The following diagram provides an overview of the steps that are required to set up X-Pack on Logstash:
To install X-Pack on Logstash:
- Install X-Pack on Elasticsearch.
- Install X-Pack on Kibana.
-
Optional: If you want to install X-Pack on a machine that doesn’t have internet access:
-
Manually download the X-Pack zip file:
https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-6.0.1.zip
(sha512)The plugins for Elasticsearch, Kibana, and Logstash are included in the same zip file. If you have already downloaded this file to install X-Pack on one of those other products, you can reuse the same file.
- Transfer the zip file to a temporary directory on the offline machine. (Do NOT put the file in the Elasticsearch plugins directory.)
-
-
Run
bin/logstash-plugin install
from the Logstash installation directory.bin/logstash-plugin install x-pack
The plugin install scripts require direct internet access to download and install X-Pack. If your server doesn’t have internet access, specify the location of the X-Pack zip file that you downloaded to a temporary directory.
bin/logstash-plugin install file:///path/to/file/x-pack-6.0.1.zip
-
Update Logstash to use the new password for the built-in
logstash_system
user, which you set up along with the other built-in users when you installed X-Pack on Elasticsearch. You must configure thexpack.monitoring.elasticsearch.password
setting in thelogstash.yml
configuration file with the new password for thelogstash_system
user.xpack.monitoring.elasticsearch.username: logstash_system xpack.monitoring.elasticsearch.password: logstashpassword
For more information, see Setting Up User Authentication.
- Configure and start Logstash.