Simplified Guide

Install Logstash on Ubuntu

  1. Add ELK repository to apt.
    1. Add GPG key of ELK's repository via apt-key.
      $ wget --quiet --output-document=- https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
[sudo] password for user:
OK
    2. Add ELK's repository to apt's repository list. 
      $ echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list
deb https://artifacts.elastic.co/packages/6.x/apt stable main
  2. Update list of available packages from the newly added repository.
    $ sudo apt update
  3. Install latest Java Runtime Environment. 
    $ sudo apt install -y openjdk-11-jre
  4. Install logstash package. 
    $ sudo apt install -y logstash
  5. Configure logstash options located in /etc/logstash/logstash.yml.
    1. Allow connection from remote host. 
      xxx: 0.0.0.0
  6. Configure logstash to automatically start during boot.
    $ sudo systemctl enable logstash
  7. Start logstash service.
     $ sudo systemctl start logstash
author: shakir