Kibana 7 Quick Start Guide

By: Anurag Srivastava

Overview of this book

The Elastic Stack is growing rapidly and, day by day, additional tools are being added to make it more effective. This book endeavors to explain all the important aspects of Kibana, which is essential for utilizing its full potential. This book covers the core concepts of Kibana, with chapters set out in a coherent manner so that readers can advance their learning in a step-by-step manner. The focus is on a practical approach, thereby enabling the reader to apply those examples in real time for a better understanding of the concepts and to provide them with the correct skills in relation to the tool. With its succinct explanations, it is quite easy for a reader to use this book as a reference guide for learning basic to advanced implementations of Kibana. The practical examples, such as the creation of Kibana dashboards from CSV data, application RDBMS data, system metrics data, log file data, APM agents, and search results, can provide readers with a number of different drop-off points from where they can fetch any type of data into Kibana for the purpose of analysis or dashboarding.
Table of Contents (9 chapters)

Installing Elastic Stack

Elastic Stack consists of different components, such as Elasticsearch, Logstash, Kibana, and different Beats. We need to install each component individually, so let's start with Elasticsearch.

The installation steps might change, depending on the release of version 7. The updated steps will be available at the following link once the version is released.
https://www.packtpub.com/sites/default/files/downloads/InstallationofElasticStack7.pdf

Elasticsearch

Elasticsearch 6 requires at least Java 8, so first ensure that Java version 8 or later is installed on your system. Once Java is installed, we can go ahead and install Elasticsearch. You can find the binaries at www.elastic.co/downloads.

Installation using the tar file

Follow the steps to install using the tar file:

  1. First, we need to download the latest Elasticsearch tar, as shown in the following code block:
curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.x.tar.gz
  2. Then, extract it using the following command:
tar -xvf elasticsearch-6.x.tar.gz
  3. After extracting it, we have a bunch of files and folders. Move to the bin directory by executing the following command:
cd elasticsearch-6.x/bin
  4. After moving to the bin directory, run Elasticsearch using the following command:
./elasticsearch
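
The tar steps above download an archive, extract it, and run a binary from it, so the archive's integrity is worth checking between the download and the extraction. The following is an added example, not code from the book: the function names (sha512_of, verify_sha512, safe_extract, demo) are assumptions, and it assumes a SHA-512 checksum file for the archive has been obtained alongside it, either as a bare digest or in sha512sum's `<digest>  <filename>` format.

```bash
# Added example: verify an archive against a SHA-512 checksum file before extracting it.

# Compute the SHA-512 hex digest with whichever tool exists (Linux: sha512sum, macOS: shasum).
sha512_of() {
    if command -v sha512sum >/dev/null 2>&1; then
        sha512sum "$1" | awk '{print $1}'
    else
        shasum -a 512 "$1" | awk '{print $1}'
    fi
}

# verify_sha512 ARCHIVE CHECKSUM_FILE
# Returns 0 on a match, 1 on a mismatch, 2 if an input is unreadable or malformed.
verify_sha512() {
    local archive="$1" sumfile="$2" expected actual
    [ -r "$archive" ] && [ -r "$sumfile" ] || return 2
    expected=$(awk 'NR==1 {print tolower($1)}' "$sumfile")
    # A SHA-512 digest is exactly 128 hex characters; reject anything else.
    case "$expected" in
        *[!0-9a-f]*|"") return 2 ;;
    esac
    [ "${#expected}" -eq 128 ] || return 2
    actual=$(sha512_of "$archive") || return 2
    [ "$expected" = "$actual" ]
}

# safe_extract ARCHIVE CHECKSUM_FILE DEST: extract only after the digest matches.
safe_extract() {
    verify_sha512 "$1" "$2" || { echo "checksum check failed: $1" >&2; return 1; }
    mkdir -p "$3" && tar -xzf "$1" -C "$3"
}

# Demo on a constructed archive (not a real Elastic download).
demo() {
    local d; d=$(mktemp -d)
    echo "constructed sample" > "$d/f.txt"
    tar -czf "$d/demo.tar.gz" -C "$d" f.txt
    printf '%s  demo.tar.gz\n' "$(sha512_of "$d/demo.tar.gz")" > "$d/demo.tar.gz.sha512"
    safe_extract "$d/demo.tar.gz" "$d/demo.tar.gz.sha512" "$d/out" && echo "verified and extracted"
    echo "tampered" >> "$d/demo.tar.gz"
    safe_extract "$d/demo.tar.gz" "$d/demo.tar.gz.sha512" "$d/out2" || echo "tampered archive rejected"
    rm -rf "$d"
}
demo
```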

Installation using Homebrew

Using Homebrew, we can install Elasticsearch on macOS, as follows:

brew install elasticsearch

Installation using MSI Windows installer

For Windows, we have the MSI Installer package, which includes a graphical user interface (GUI) that we can use to complete the installation process. We can download the Elasticsearch 6.x MSI from the Elasticsearch download section at https://www.elastic.co/downloads/elasticsearch.

We can launch the GUI-based installer by double-clicking on the downloaded executable file. On the first screen, select the deployment directories and install the software by following the installation screens.

Installation using the Debian package

Follow the steps to install using the Debian package:

  1. First, install the apt-transport-https package using the following command:
sudo apt-get install apt-transport-https
  2. Save the repository definition in /etc/apt/sources.list.d/elastic-6.x.list:
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list
  3. To install the Elasticsearch Debian package, run the following command:
sudo apt-get update && sudo apt-get install elasticsearch

Installation with the RPM package

  1. Download and then install the public signing key:
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  2. Create a file called elasticsearch.repo for RedHat-based distributions under the /etc/yum.repos.d/ directory. For the OpenSuSE-based distributions, we have to create the file under the /etc/zypp/repos.d/ directory. We need to add the following entry in the file:
[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

After adding the preceding code, we can install Elasticsearch on the following environments.

  • We can run the yum command on CentOS and older versions of RedHat-based distributions:
sudo yum install elasticsearch
  • On Fedora and other newer versions of RedHat distributions, use the dnf command:
sudo dnf install elasticsearch
  • The zypper command can be used on OpenSUSE-based distributions:
sudo zypper install elasticsearch
  • The Elasticsearch service can be started or stopped using the following commands:
sudo -i service elasticsearch start
sudo -i service elasticsearch stop
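
The elasticsearch.repo definition above is what makes the package manager verify signatures: gpgcheck=1 together with a gpgkey and an HTTPS baseurl. The following is an added example, not code from the book, that audits a .repo file for stanzas lacking those settings; the function names audit_repo and sample_repo, the [example-weak] stanza, and its mirror URL are constructed for illustration.

```bash
# Added example: flag yum/zypper repo stanzas that would install unverified packages.

# audit_repo: reads a .repo file on stdin, prints one finding per line,
# and returns 1 if any stanza has a finding, 0 otherwise.
audit_repo() {
    awk '
        function report() {
            if (section == "") return
            if (gpgcheck != "1") { print section ": gpgcheck is not set to 1"; bad = 1 }
            if (gpgkey !~ /^(https|file):\/\//) { print section ": gpgkey missing or not https/file"; bad = 1 }
            if (baseurl !~ /^https:\/\//) { print section ": baseurl missing or not https"; bad = 1 }
        }
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        /^\[.*\]/ { report(); section = $0; gpgcheck = gpgkey = baseurl = ""; next }
        {
            eq = index($0, "="); if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpgcheck = val
            else if (key == "gpgkey") gpgkey = val
            else if (key == "baseurl") baseurl = val
        }
        END { report(); exit bad }
    '
}

# Constructed sample: the first stanza is the one from the text,
# the second is a deliberately weakened, made-up stanza.
sample_repo() {
    cat <<'EOF'
[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1

[example-weak]
name=Constructed weak stanza
baseurl=http://mirror.example.invalid/6.x/yum
gpgcheck=0
enabled=1
EOF
}

sample_repo | audit_repo || echo "findings above: fix the stanza before installing"
```

On a real host, run it as `audit_repo < /etc/yum.repos.d/elasticsearch.repo`. A stanza that omits gpgcheck is flagged because it would fall back to the package manager's global default.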

Logstash

We have different ways to install Logstash based on the operating system. Let's see how we can install Logstash on different environments.

Using APT Package Repositories

Follow the steps to install using APT Package Repositories:

  1. Download and install the public signing key for the APT package repository using the following command:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
  2. On Debian, we have to install the apt-transport-https package:
sudo apt-get install apt-transport-https
  3. Save the following repository definition in the /etc/apt/sources.list.d/elastic-6.x.list file:
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list
  4. Run the sudo apt-get update command to update the repository. After the update, the repository will be ready to use. We can install Logstash by executing the following command:
sudo apt-get update && sudo apt-get install logstash

Using YUM Package Repositories

Follow the steps to install using YUM Package Repositories:

  1. Download the public signing key and then install it using the following expression:
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  2. Under the /etc/yum.repos.d/ directory, add the following definition to a file with a .repo suffix, for example, logstash.repo:
[logstash-6.x]
name=Elastic repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
  3. The repository is ready after we add the preceding code. Using the following command, we can install Logstash:
sudo yum install logstash

Kibana

From version 6.0.0 onward, Kibana only supports 64-bit operating systems, so we need to ensure we have a 64-bit operating system before installing Kibana.

Installing Kibana with .tar.gz

Follow the steps to install Kibana with .tar.gz:

  1. Using the following commands, we can download and extract the Linux archive for Kibana v6.x:
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.x-linux-x86_64.tar.gz
tar -xzf kibana-6.x-linux-x86_64.tar.gz
  2. Change the directory and move to $KIBANA_HOME by running the following command:
cd kibana-6.x-linux-x86_64/
  3. We can start Kibana using the following command:
./bin/kibana

Installing Kibana using the Debian package

Follow the steps to install Kibana using the Debian package:

  1. For the Debian package, download and install the public signing key using the following command:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
  2. Install the apt-transport-https package using the following command:
sudo apt-get install apt-transport-https
  3. We need to add the following repository definition under /etc/apt/sources.list.d/elastic-6.x.list:
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list
  4. Install the Kibana Debian package by running the following command:
sudo apt-get update && sudo apt-get install kibana

Installing Kibana using RPM

Follow the steps to install Kibana using RPM:

  1. Install the public signing key after downloading it for the RPM package:
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  2. Create a file called kibana.repo under the /etc/yum.repos.d/ directory for RedHat-based distributions. For OpenSuSE-based distributions, we need to create the file under the /etc/zypp/repos.d/ directory and then add the following definition:
[kibana-6.x]
name=Kibana repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

After adding the preceding expression in our file, we can install Kibana using the following commands:

  • On CentOS and older RedHat-based distributions, we need to run the following yum command:
sudo yum install kibana
  • We can use the dnf command on Fedora and newer RedHat distributions:
sudo dnf install kibana

Using zypper on OpenSUSE-based distributions

We can use zypper to install Kibana on OpenSUSE-based distributions using the following command:

sudo zypper install kibana

Installing Kibana on Windows

Follow the steps to install Kibana on Windows:

  1. From the Elastic download section (https://www.elastic.co/downloads/kibana), we can download the .zip windows archive for Kibana v6.x.
  2. Create a folder called kibana-6.x-windows-x86_64 by unzipping the zipped archive; we refer to this folder path as $KIBANA_HOME. Now move to the $KIBANA_HOME directory by using the following command:
cd c:\kibana-6.x-windows-x86_64
  3. To start Kibana, we need to run the following command:
.\bin\kibana

Beats

Beats are separately installable products; they are lightweight data shippers. There are many Beats available, as follows:

  • Packetbeat
  • Metricbeat
  • Filebeat
  • Winlogbeat
  • Heartbeat

Packetbeat

There are many ways to download and install Packetbeat, depending on your operating system. Let's see different commands for different types of OSes:

  • To install Packetbeat on deb use the following commands:
sudo apt-get install libpcap0.8
curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-6.2.1-amd64.deb
sudo dpkg -i packetbeat-6.2.1-amd64.deb
  • To install Packetbeat on rpm use the following command:
sudo yum install libpcap
curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-6.x-x86_64.rpm
sudo rpm -vi packetbeat-6.x-x86_64.rpm
  • To install Packetbeat on macOS use the following commands:
curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-6.x-darwin-x86_64.tar.gz
tar xzvf packetbeat-6.x-darwin-x86_64.tar.gz
  • To install Packetbeat on the Windows environment, perform the following steps:
  1. Get the Packetbeat Windows zip file from the Elastic downloads section.
  2. Extract the zip file to C:\Program Files.
  3. Rename the extracted folder to Packetbeat.
  4. Run the PowerShell prompt as an Administrator.
  5. To install Packetbeat as a Windows service, run the following command:
PS > cd 'C:\Program Files\Packetbeat'
PS C:\Program Files\Packetbeat> .\install-service-packetbeat.ps1

Metricbeat

There are different ways to install Metricbeat on your operating system. Using the following expressions, we can install Metricbeat on different OSes:

  • To install Metricbeat on deb use the following command:
curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-6.x-amd64.deb
sudo dpkg -i metricbeat-6.x-amd64.deb
  • To install Metricbeat on rpm use the following commands:
curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-6.x-x86_64.rpm
sudo rpm -vi metricbeat-6.x-x86_64.rpm
  • To install Metricbeat on macOS use the following commands:
curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-6.x-darwin-x86_64.tar.gz
tar xzvf metricbeat-6.x-darwin-x86_64.tar.gz
  • To install Metricbeat on Windows perform the following steps:
  1. Download the Metricbeat Windows zip from the Elastic download section.
  2. Extract the file to the C:\Program Files directory.
  3. Rename the long metricbeat directory to Metricbeat.
  4. Run the PowerShell prompt as an Administrator. If you're running Windows XP, you may need to download and install PowerShell.
  5. To install Metricbeat as a Windows service, run the following commands from the PowerShell prompt:
PS > cd 'C:\Program Files\Metricbeat'
PS C:\Program Files\Metricbeat> .\install-service-metricbeat.ps1

Filebeat

We can download and install Filebeat on different operating systems in the following ways:

  • To install Filebeat on deb use the following commands:
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.x-amd64.deb
sudo dpkg -i filebeat-6.x-amd64.deb
  • To install Filebeat on rpm use the following command:
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.x-x86_64.rpm
sudo rpm -vi filebeat-6.x-x86_64.rpm
  • To install Filebeat on macOS use the following command:
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.x-darwin-x86_64.tar.gz
tar xzvf filebeat-6.x-darwin-x86_64.tar.gz
  • To install Filebeat on Windows perform the following steps:
  1. From the Elastic downloads section, download the Filebeat Windows zip file.
  2. Extract the zip file into C:\Program Files.
  3. Rename the long filebeat directory to Filebeat.
  4. Open a PowerShell prompt as an administrator.
  5. From the PowerShell prompt, execute the following commands:
PS > cd 'C:\Program Files\Filebeat'
PS C:\Program Files\Filebeat> .\install-service-filebeat.ps1