Elastic Stack Cluster - Configure and Secure Tutorial

The video describes how to create your own Elastic Stack (ELK) cluster on your local machine, using 3 virtual nodes and Oracle VM VirtualBox, a free and open-source hosted hypervisor.

LINKS TO DOWNLOAD THE FILES WHICH I AM USING IN THE VIDEO:

INSTRUCTIONS:

!!!FIRST CHECK THAT ELASTICSEARCH IS RUNNING!!!

systemctl status elasticsearch
If it is not running, execute the following commands as the root user:
On node 1
systemctl start elasticsearch
On node 2
systemctl start elasticsearch
On node 3
systemctl start elasticsearch

!!!AFTER THIS FOLLOW THE STEPS IN THE VIDEO!!!

curl -X GET "localhost:9200/_cluster/health?pretty"

.::On Node 1::.
cd /usr/share/elasticsearch
bin/elasticsearch-certutil ca
Enter
Enter
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
Enter
Enter
Enter

cp elastic-certificates.p12 /etc/elasticsearch/

cd /etc/elasticsearch/
ls -l

chown root:elasticsearch /etc/elasticsearch/elastic-certificates.p12
chmod 660 /etc/elasticsearch/elastic-certificates.p12

systemctl restart elasticsearch

.::On Node 2::.
cp /home/elk/elastic-certificates.p12 /etc/elasticsearch/

chown root:elasticsearch /etc/elasticsearch/elastic-certificates.p12
chmod 660 /etc/elasticsearch/elastic-certificates.p12

systemctl restart elasticsearch

.::On Node 3::.
cp /home/elk/elastic-certificates.p12 /etc/elasticsearch/

chown root:elasticsearch /etc/elasticsearch/elastic-certificates.p12
chmod 660 /etc/elasticsearch/elastic-certificates.p12

systemctl restart elasticsearch

- Set passwords for default users
cd /usr/share/elasticsearch
bin/elasticsearch-setup-passwords interactive
demo passwords:
elastic:elastic
apm_system:apmsystem
kibana:kibana
logstash_system:logstashsytem
beats_system:beatssystem
remote_monitoring_user:remotemonitoringuser
- you can generate random passwords automatically using the following command
bin/elasticsearch-setup-passwords auto
- be sure to remember them

Test cluster health:
curl -u elastic:elastic -X GET "localhost:9200/_cluster/health?pretty"
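
The checks behind the steps above, as an added example that is not from the video: it verifies that the keystore copied to each node keeps the group and mode set with chown/chmod, and that the authenticated health response reports a green cluster with all 3 nodes. The function names and the sample response are constructed for illustration, and GNU stat is assumed.

```bash
#!/usr/bin/env bash
# Added example (not from the video): checks for the keystore and health steps.

# check_keystore FILE GROUP: succeed only if FILE is group-owned by GROUP and
# grants nothing to "other" users (the .p12 holds the nodes' private key).
check_keystore() {
    local file=$1 want=$2 mode group
    [ -f "$file" ] || { echo "missing: $file"; return 1; }
    mode=$(stat -c '%a' "$file")     # GNU stat: octal mode, e.g. 660
    group=$(stat -c '%G' "$file")
    [ "$group" = "$want" ] || { echo "group is $group, expected $want"; return 1; }
    case $mode in
        *0) echo "ok: $file mode=$mode group=$group" ;;
        *)  echo "mode $mode grants access beyond owner and group"; return 1 ;;
    esac
}

# health_field JSON KEY: print the value of KEY from a pretty-printed
# _cluster/health response, which has one "key" : value pair per line.
health_field() {
    printf '%s\n' "$1" |
        sed -n "s/^ *\"$2\" *: *\"\{0,1\}\([^\",]*\)\"\{0,1\},\{0,1\} *\$/\1/p"
}

# cluster_ok JSON N: succeed only if status is green and exactly N nodes joined.
cluster_ok() {
    [ "$(health_field "$1" status)" = "green" ] &&
        [ "$(health_field "$1" number_of_nodes)" = "$2" ]
}

# Constructed sample response (trimmed); a real one comes from the curl command above.
SAMPLE_HEALTH='{
  "cluster_name" : "elk-demo",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3
}'

# Demo on a temporary stand-in file; on a node, pass
# /etc/elasticsearch/elastic-certificates.p12 and the group elasticsearch.
demo=$(mktemp)
chmod 660 "$demo"
if check_keystore "$demo" "$(stat -c '%G' "$demo")"; then echo "keystore permissions OK"; fi
chmod 664 "$demo"
if ! check_keystore "$demo" "$(stat -c '%G' "$demo")"; then echo "664 rejected"; fi
if cluster_ok "$SAMPLE_HEALTH" 3; then echo "cluster green with 3 nodes"; fi
rm -f "$demo"
```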

Configure Kibana on Node 1

/bin/systemctl daemon-reload
Change the following lines:

sudo systemctl start kibana
Create a test user


00:00 What it is all about.
01:35 Import the nodes and run the machines.
03:38 Make an SSH connection to the nodes.
06:03 Start with 1st node configuration.
12:06 2nd and 3rd node configuration.
16:15 Kibana configuration.
18:49 Check that Kibana is running and is secured.
21:10 Create users and make some permissions tests.
Comments

Awesome tutorial. Bro, I have spent the whole day and could not figure it out. After watching your video for less than 10 minutes, I have solved it :) Great thanks MAN

salimhossain

@histro Pls, is the community channel still available? Many thanks

oa

thanks a lot, couldn't get it right until I came across your video

ajswanepoel

How can I add a new node within an existing cluster (already have 2 nodes running)? Should I create the cert (p12) again and assign it to all servers?

salimhossain

oh thanks, that was so useful for me.

saeed.rahimi.manesh

Hi, any videos on how to configure TLS/SSL for both Elasticsearch and Kibana?

tripmehard

Hi Comrade, I have downloaded the 3 VMs but it does not say the username and password, please let me know so I can try to use your 3 VMs. Spiciba

aadeemail

Can you do a video on TLS/HTTPS configuration please?

atayoumaima

Awesome tutorial. thank you for this.

bryanuimarairi

Hey Hristo, thanks! You gave very detailed steps, it saved time. I just have one question here: if we want to remove the logstash_system, beats_system etc. users, then how can we remove those users or remove the security/password which we provided?
Thank You!

priyazingade

I have been to Russia 2 times in 2019 and love your country and people. I have visited Moscow, Kazan and St. Petersburg. I have worked for 10 days at VGRTK TV station and would love to visit again. Please let me know the username and password for the 3 ELK VMs you have provided in this video description.
Bolchoi Spaciba - thank you very much

aadeemail

The part that I don't understand: you didn't set any SSL option for Kibana, yet you can connect over SSL to the Kibana UI. I did the same but I can only use Kibana over HTTP, so how can that be possible?

cihadyldz

How were the 3 nodes obtained? If anyone here can help share that information I would very much appreciate that.

omaridaddey

Sorry to bother you again bro, but I need help badly.
I have a 3-node cluster (all master) and everything is set up as per your instructions and working perfectly.
Now, I want to remove node-1. So if I stop node-1,
the other 2 nodes [before restart] have the following issue...

or after restart
unable to authenticate user [elastic]

Note: I created the certificate and password on node-1 (like your instructions).
Can you pls guide me on anything here?
Great thanks bro.

salimhossain

First: Thank you so much dude! It is kinda hard to follow guides or just text to configure this... Most guides say nothing about permissions and chmod for the certificate... and I had that problem making this work. Also, the setup-passwords step is something which they don't mention. Thanks!


Apologies for asking for more help... How do I configure it to use HTTPS? I tried to just add these lines:


true
elastic-certificates.p12
elastic-certificates.p12
optional


In the browser it 'works' (it throws a security exception, but you can ignore it and continue) but... I think it is not okay, because in the logs it says 'unknow ca'


Thank you!

SchenierLopez