Introduction

The ELK Stack (Elasticsearch, Logstash, and Kibana) has matured into a robust data management and analysis platform.

Docker is the most popular choice for deploying these tools; however, this article will focus on a Windows installation.

Going through the Windows installation process provides a unique opportunity to better grasp the inner workings of the ELK Stack.

Installing Elasticsearch on Windows

Here's the rundown for installing Elasticsearch on a Windows system:

Get Ready: Make sure the Microsoft Universal C Runtime library is installed; it is available through Windows Update, and Elasticsearch's machine learning feature needs it. If you can't install it, disable machine learning instead by setting xpack.ml.enabled: false in elasticsearch.yml.

Download Elasticsearch: Get the most recent stable release; this article uses version 8.8.1. Elastic publishes a .sha512 checksum file alongside each archive, so compare the download against it (Get-FileHash -Algorithm SHA512 in PowerShell) before unpacking it.

Unpack and Install: Unzip the .zip file. It creates a folder called elasticsearch-8.8.1, which we'll refer to as %ES_HOME%.

Fire it Up: From %ES_HOME%, launch Elasticsearch with .\bin\elasticsearch.bat, or just double-click it. On first start, 8.x auto-configures security: it turns on authentication and TLS, generates a certificate authority and certificates under %ES_HOME%\config\certs, and prints a generated password for the built-in elastic superuser plus an enrollment token for Kibana. Copy both from the terminal; they are shown only once (a lost password can be reset later with bin\elasticsearch-reset-password -u elastic).

Enroll Nodes: To add nodes to the cluster, run bin\elasticsearch-create-enrollment-token -s node on a running node and start the new node with bin\elasticsearch --enrollment-token followed by that token; the same tool with -s kibana mints the token Kibana needs. Tokens expire after 30 minutes, so generate them when you are ready to use them.

Tweak Configs: Adjust Elasticsearch's settings in %ES_HOME%\config\elasticsearch.yml or via command-line arguments.

Check Your Work: Confirm the node is up by querying port 9200 on localhost. With the 8.x defaults that is an HTTPS endpoint that requires authentication and presents a certificate signed by the CA in %ES_HOME%\config\certs\http_ca.crt, so a plain http://localhost:9200 URL gets no usable reply. Import http_ca.crt into your user's Trusted Root Certification Authorities store (or, on PowerShell 7 in a throwaway lab only, add -SkipCertificateCheck), then from PowerShell run Invoke-RestMethod -Uri "https://localhost:9200/_cluster/health?pretty" -Credential (Get-Credential elastic), entering the elastic password at the prompt. In a browser, https://localhost:9200/_cat/health works once the CA is trusted and you have logged in as elastic.

Run as a Service: Register Elasticsearch as a Windows service with %ES_HOME%\bin\elasticsearch-service.bat install; the same script's start, stop and remove commands manage it afterwards, and manager opens a GUI for it.

Disabling TLS for local development: if only processes on the same machine will ever talk to the node, you can switch off TLS on the HTTP layer by setting xpack.security.http.ssl.enabled: false in elasticsearch.yml and restarting. The node then answers plain http://localhost:9200 URLs (the cluster settings snippet later in this article relies on that), but it still requires authentication. Do not go further and set xpack.security.enabled: false; that removes authentication as well and leaves the node open to anything that can reach port 9200.
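The whole procedure above as one script, as an added example that is not part of the original article and not Elastic's own tooling. It assumes Windows PowerShell 5.1 or later on Windows (the PKI module supplies Import-Certificate), an install root of C:\elk (an assumption; any path works), and that you read the elastic password from the console window Elasticsearch opens on first start. The download URLs are Elastic's public artifact URLs for 8.8.1, and the .sha512 file published next to the archive is checked before anything is unpacked.

```powershell
# Added example (not from the article or from Elastic): download, verify and
# first-start Elasticsearch 8.8.1, then check it over HTTPS with the CA it generated.
# Assumptions: Windows PowerShell 5.1+ (PKI module for Import-Certificate),
# install root C:\elk, and the 'elastic' password copied from the first-start window.
$ErrorActionPreference = 'Stop'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12   # PS 5.1 may default to older TLS

$Version = '8.8.1'
$Root    = 'C:\elk'                                   # assumed install root
$Zip     = "elasticsearch-$Version-windows-x86_64.zip"
$BaseUrl = 'https://artifacts.elastic.co/downloads/elasticsearch'
$EsHome  = "$Root\elasticsearch-$Version"             # the article's %ES_HOME%

New-Item -ItemType Directory -Path $Root -Force | Out-Null
Invoke-WebRequest -Uri "$BaseUrl/$Zip"        -OutFile "$Root\$Zip"
Invoke-WebRequest -Uri "$BaseUrl/$Zip.sha512" -OutFile "$Root\$Zip.sha512"

# Supply-chain check: the published .sha512 file reads "<hex digest>  <filename>".
# Refuse to unpack anything whose digest does not match.
$expected = ((Get-Content "$Root\$Zip.sha512" -Raw) -split '\s+')[0].ToLower()
$actual   = (Get-FileHash -Path "$Root\$Zip" -Algorithm SHA512).Hash.ToLower()
if ($actual -ne $expected) { throw "SHA-512 mismatch for ${Zip}: expected $expected, got $actual" }

Expand-Archive -Path "$Root\$Zip" -DestinationPath $Root -Force

# No Universal C Runtime? Disable machine learning instead of failing at start.
# Add-Content -Path "$EsHome\config\elasticsearch.yml" -Value 'xpack.ml.enabled: false'

# First start runs in the foreground and prints the generated 'elastic' password
# and a Kibana enrollment token exactly once, so give it its own window.
Start-Process -FilePath "$EsHome\bin\elasticsearch.bat" -WorkingDirectory $EsHome

# Security auto-configuration writes the HTTP CA here; trust it for this user only
# (Cert:\CurrentUser\Root) rather than machine-wide, and rather than skipping checks.
$ca = "$EsHome\config\certs\http_ca.crt"
while (-not (Test-Path $ca)) { Start-Sleep -Seconds 2 }
Import-Certificate -FilePath $ca -CertStoreLocation Cert:\CurrentUser\Root | Out-Null

# Authenticate with the password from the first-start window and wait for the node.
$cred   = Get-Credential -UserName elastic -Message 'Password printed at first start'
$pw     = $cred.GetNetworkCredential().Password
$auth   = @{ Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes("elastic:$pw")) }
$health = $null
for ($i = 0; $i -lt 30 -and -not $health; $i++) {
    try   { $health = Invoke-RestMethod -Uri 'https://localhost:9200/_cluster/health' -Headers $auth }
    catch { Start-Sleep -Seconds 5 }
}
if (-not $health) { throw 'Elasticsearch did not answer on https://localhost:9200 within about 150 s' }
"cluster '$($health.cluster_name)' status=$($health.status) nodes=$($health.number_of_nodes)"

# Optional: register it as a Windows service instead of the foreground window.
# & "$EsHome\bin\elasticsearch-service.bat" install
```

Trusting the generated CA in the current user's store is what lets the https:// check succeed without weakening certificate validation; if you later disable TLS on the HTTP layer, change the URL to http:// and the rest of the script is unchanged.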

Reference: Installation of Elasticsearch on Windows

Installing Kibana on Windows

Now for Kibana. Here’s the rundown:

Prerequisites: Elasticsearch must be running and reachable before Kibana starts. Kibana is the visualisation layer of the Elastic Stack and does nothing without an Elasticsearch it can talk to. With 8.x security, Kibana also has to be enrolled with the cluster: keep the enrollment token printed when Elasticsearch first started (or mint a fresh one with bin\elasticsearch-create-enrollment-token -s kibana) and the elastic password to hand.

Acquisition: Download the most recent stable version of Kibana; this article uses 8.8.1. Kibana and Elasticsearch should be the same version. Verify the download against the published .sha512 file, as with Elasticsearch.

Installation: Unzip the .zip file. It creates a folder kibana-8.8.1-windows-x86_64, which we'll refer to as $KIBANA_HOME.

Configuration: Kibana's settings live in $KIBANA_HOME\config\kibana.yml. By default it listens on port 5601, binds to localhost only (server.host), and looks for Elasticsearch at localhost:9200. The enrollment step fills in the Elasticsearch connection details for you, including the CA to trust, so you don't need to point elasticsearch.hosts at an https URL by hand. Leave server.host at localhost unless the machine is meant to be reachable from the network; if it is, enable TLS on Kibana too (server.ssl.enabled and the certificate settings next to it).

Initiation: Launch Kibana from the command line with .\bin\kibana.bat. It takes a few moments to initialise; on first start it prints a URL of the form http://localhost:5601/?code=XXXXXX that carries the one-time verification code you will need in the browser.

Verification: Navigate to http://localhost:5601 in a web browser. On the first visit Kibana asks for the enrollment token, then for the six-digit code from its console (bin\kibana-verification-code.bat prints it again if needed), and finally for a login; sign in as elastic with the password from the Elasticsearch first start and the Kibana home page should appear.

Service Setup: As of this writing, Kibana has no built-in mechanism for running as a Windows service. A third-party service wrapper such as NSSM can run bin\kibana.bat as one.
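The Kibana procedure as one script, as an added example that is not part of the original article and not Elastic's tooling. It assumes the same C:\elk root and 8.8.1 version as the Elasticsearch example, that Elasticsearch is already running, and that its http_ca.crt has been imported into the current user's trusted roots; the enrollment is done non-interactively with bin\kibana-setup.bat so the browser prompts for the token and verification code are skipped. nssm.exe on PATH is an assumption for the optional service line.

```powershell
# Added example (not from the article or from Elastic): download, verify and
# enrol Kibana 8.8.1 against the running Elasticsearch node without the browser
# prompt, then confirm it is serving. Assumptions: C:\elk root, same version as
# the Elasticsearch example, that node running, its http_ca.crt trusted for this user.
$ErrorActionPreference = 'Stop'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$Version    = '8.8.1'
$Root       = 'C:\elk'                                  # assumed install root
$Zip        = "kibana-$Version-windows-x86_64.zip"
$BaseUrl    = 'https://artifacts.elastic.co/downloads/kibana'
$EsHome     = "$Root\elasticsearch-$Version"
$KibanaHome = "$Root\kibana-$Version-windows-x86_64"    # the article's $KIBANA_HOME

Invoke-WebRequest -Uri "$BaseUrl/$Zip"        -OutFile "$Root\$Zip"
Invoke-WebRequest -Uri "$BaseUrl/$Zip.sha512" -OutFile "$Root\$Zip.sha512"
$expected = ((Get-Content "$Root\$Zip.sha512" -Raw) -split '\s+')[0].ToLower()
$actual   = (Get-FileHash -Path "$Root\$Zip" -Algorithm SHA512).Hash.ToLower()
if ($actual -ne $expected) { throw "SHA-512 mismatch for ${Zip}; refusing to unpack" }
Expand-Archive -Path "$Root\$Zip" -DestinationPath $Root -Force

# Mint a Kibana-scoped enrollment token on the Elasticsearch side (valid 30 minutes).
# The tool prints the token as its last line of output.
$token = (& "$EsHome\bin\elasticsearch-create-enrollment-token.bat" -s kibana | Select-Object -Last 1).Trim()

# kibana-setup consumes the token: it writes elasticsearch.hosts, a service-account
# token and the CA to trust into config\kibana.yml, so the first-visit
# "paste your enrollment token" page and the six-digit code step are skipped.
& "$KibanaHome\bin\kibana-setup.bat" --enrollment-token $token

# Kibana binds to localhost:5601 by default; do not widen server.host unless the
# host is meant to be reachable, and then put TLS in front of it.
Start-Process -FilePath "$KibanaHome\bin\kibana.bat" -WorkingDirectory $KibanaHome

# Poll the status API with the elastic credentials until Kibana reports itself up.
$cred   = Get-Credential -UserName elastic -Message 'Elasticsearch password'
$pw     = $cred.GetNetworkCredential().Password
$auth   = @{ Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes("elastic:$pw")) }
$status = $null
for ($i = 0; $i -lt 60 -and -not $status; $i++) {
    try   { $status = Invoke-RestMethod -Uri 'http://localhost:5601/api/status' -Headers $auth }
    catch { Start-Sleep -Seconds 5 }
}
if (-not $status) { throw 'Kibana did not answer on http://localhost:5601 within about 5 minutes' }
"Kibana $($status.version.number): $($status.status.overall.level)"

# Optional service wrapper (assumes nssm.exe is on PATH; NSSM is a third-party tool):
# nssm install Kibana "$KibanaHome\bin\kibana.bat"
```

Enrolling through kibana-setup keeps the Elasticsearch connection settings, the service account token and the CA in kibana.yml rather than in a browser session, which is also what you want when the install is scripted or repeated.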

Reference: The installation process of Kibana on Windows

Updating the cluster settings

If your disk is fuller than Elasticsearch's disk watermarks allow (by default it stops allocating new shards to a node at 85% used, moves shards away at 90%, and marks indices read-only at the 95% flood stage), a development node can be told to tolerate more by raising the watermarks through the cluster settings API. The snippet below assumes TLS on the HTTP layer was disabled as described earlier, which is why it uses a plain http:// URL; the elastic credentials are still required. Keep settings like these off any shared or production cluster, because the defaults exist to stop a data path from filling up completely.

# Assumes TLS on the HTTP layer was disabled for local development as described above
# (xpack.security.http.ssl.enabled: false); the elastic password is still required.
$uri  = "http://localhost:9200/_cluster/settings"
$cred = Get-Credential -UserName elastic -Message "Elasticsearch password"
$json = @"
{
  "persistent": {
    "cluster.routing.allocation.disk.watermark.low": "99%",
    "cluster.routing.allocation.disk.watermark.high": "99.9%",
    "cluster.routing.allocation.disk.watermark.flood_stage": "99.9%",
    "cluster.info.update.interval": "1m"
  }
}
"@
Invoke-RestMethod -Uri $uri -Method Put -ContentType "application/json" -Body $json -Credential $cred
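A fuller version of the same operation, as an added example that is not from the original article: it first shows the disk figures the watermarks are compared against and the currently effective watermark values, then raises them through a small helper and shows how to put the defaults back. It talks HTTPS with basic auth (the 8.x default), so it assumes http_ca.crt has been imported into the current user's trusted roots; the Invoke-Es and Set-EsDiskWatermarks helpers are names chosen here, not Elastic APIs.

```powershell
# Added example (not from the article): inspect disk use, relax the watermarks
# through a helper, and show how to revert. Assumes the default TLS is kept on and
# http_ca.crt is trusted for this user; switch $Base to http:// if TLS was disabled.
$ErrorActionPreference = 'Stop'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$Base = 'https://localhost:9200'
$cred = Get-Credential -UserName elastic -Message 'Elasticsearch password'
$pw   = $cred.GetNetworkCredential().Password
$Auth = @{ Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes("elastic:$pw")) }

# Hypothetical helper: one authenticated call against the node, JSON in and out.
function Invoke-Es {
    param($Method, $Path, $Body = $null)
    $p = @{ Uri = "$Base$Path"; Method = $Method; Headers = $Auth; ContentType = 'application/json' }
    if ($null -ne $Body) { $p.Body = ($Body | ConvertTo-Json -Depth 5) }
    Invoke-RestMethod @p
}

# disk.percent is the number the watermarks are compared against.
Invoke-Es Get '/_cat/allocation?v&h=node,disk.percent,disk.avail,disk.total'

# Effective watermarks: the 'defaults' block unless something was set persistently/transiently.
Invoke-Es Get '/_cluster/settings?include_defaults=true&filter_path=*.cluster.routing.allocation.disk.watermark.*' |
    ConvertTo-Json -Depth 10

# Hypothetical helper around the persistent cluster settings update.
function Set-EsDiskWatermarks {
    # Parameters are deliberately untyped: a [string] parameter turns $null into "",
    # which Elasticsearch rejects; a JSON null is what removes a persistent setting.
    param($Low, $High, $Flood)
    Invoke-Es Put '/_cluster/settings' @{
        persistent = @{
            'cluster.routing.allocation.disk.watermark.low'         = $Low
            'cluster.routing.allocation.disk.watermark.high'        = $High
            'cluster.routing.allocation.disk.watermark.flood_stage' = $Flood
            'cluster.info.update.interval'                          = '1m'
        }
    }
}

# Dev-box relaxation. The defaults (85% / 90% / 95%) exist because a data path that
# actually fills up can take the node down, so keep this off shared clusters.
Set-EsDiskWatermarks -Low '99%' -High '99.9%' -Flood '99.9%'

# Revert: null removes the persistent value and the built-in default applies again.
# Set-EsDiskWatermarks -Low $null -High $null -Flood $null
```

Reading the settings back with include_defaults=true is the check worth keeping: it tells you whether a watermark you see is the default or something a previous session left behind persistently.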

Hello world

We've completed the installation and are ready to use Elasticsearch from the GUI: