
Simplified installation of ELK stack

Primary language: Shell. License: Mozilla Public License 2.0 (MPL-2.0)

ELKAutomation

A quick and easy ELK stack server install

What is it

ELKAutomation is a series of scripts and configuration files that make installing the ELK stack extremely quick and easy. My first manual install of the ELK stack took me multiple days - I struggled to find good and up-to-date 'how-to' guides for a secure installation. The whole process was very frustrating. While many other people may not have had as much of a struggle installing the stack as I have, I figure that these scripts could still be useful for people that are laz - I mean ... uhh... efficient. It could also be beneficial to those setting up a distributed ELK environment, though ELKAutomation does not currently support installation in a distributed environment.

For specific details on how it works, please see the wiki.

Software Installed By ELKAutomation

  • Latest version of Nginx
  • Latest version of Elasticsearch (6.x branch only)
  • Latest version of Logstash (6.x branch only)
  • Latest version of Kibana (6.x branch only)
  • Latest version of apt-transport-https
  • Latest version of apache2-utils
  • Latest version of OpenJDK 8

Prerequisites

  • If you wish to secure all communications with your ELK instance, the server that will be running the ELK stack AND all clients you wish to send logs from should have DNS resolvable hostnames. You can send logs from your clients to the Logstash instance running on the ELKAutomation server using one of the ELK beats data shippers. If neither your server nor your clients have resolvable hostnames, the certificates generated using this program will not function correctly. If your clients do not have DNS resolvable hostnames but your server does, you can still secure communications to the nginx instance.
  • ELKAutomation currently only supports systems that use the apt package manager. Contributions to ELKAutomation that have support for other systems are welcome =)

Installation

git clone https://github.com/trdan6577/elkautomation.git

Usage

Secure Server Setup

In order to install and secure the ELK stack using this program, you MUST edit client.conf, server_root.conf, and v3.ext. Conveniently, the parts you need to edit are surrounded by angle brackets (< >). Replace each bracketed placeholder with the value it asks for, then remove the brackets. After filling out these three files, edit the line in automation.conf so that it says SECURITY=1. Then run serverSetup.sh with administrative privileges.
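
A pre-flight check for the steps above, as an added example that is not part of ELKAutomation: it reports any placeholder left in the three files and confirms that automation.conf contains SECURITY=1. The function names are hypothetical, and the placeholder pattern (angle-bracketed text on a non-comment line) is an assumption about how the templates are written.

```bash
#!/usr/bin/env bash
# Pre-flight check for the secure setup (added example, not ELKAutomation code).
# Assumption: an unfilled template value looks like <some text> and sits on a
# line before any '#' comment marker.

# Print every line (file:line:text) that still holds a placeholder.
# Returns 1 if a placeholder was found or a file is missing or unreadable.
find_unfilled() {
    rc=0
    for f in "$@"; do
        if [ ! -r "$f" ]; then
            echo "missing or unreadable: $f" >&2
            rc=1
            continue
        fi
        # -H and -n print the file name and line number of each leftover field.
        if grep -HnE '^[^#]*<[^<>]+>' "$f"; then
            rc=1
        fi
    done
    return "$rc"
}

# Returns 0 only if the given automation.conf has a line reading SECURITY=1.
security_enabled() {
    grep -qE '^[[:space:]]*SECURITY=1[[:space:]]*$' "$1" 2>/dev/null
}

# Run both checks against a clone of the repository (default: current dir).
# Returns 0 when the secure setup inputs look complete, 1 otherwise.
preflight() {
    dir="${1:-.}"
    ok=0
    find_unfilled "$dir/client.conf" "$dir/server_root.conf" "$dir/v3.ext" || ok=1
    if ! security_enabled "$dir/automation.conf"; then
        echo "automation.conf does not say SECURITY=1" >&2
        ok=1
    fi
    return "$ok"
}
```

Source the file and call `preflight /path/to/elkautomation` before running serverSetup.sh; a non-zero status means certificates would be generated from incomplete values or the secure path is not enabled.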

Insecure Server Setup

Just run sudo ./serverSetup.sh. It doesn't get any simpler than this, folks.

Things TODO

  • Get a way to read a list of clients to make certificates for