In this series of articles we are going to talk about how to perform log analytics using Elasticsearch, Logstash and Kibana. To start with, we will see how to install this software on Windows.
Install Elasticsearch on Windows
Elasticsearch is a search engine platform which allows us to store the documents to be searched in a certain format and provides APIs for full-text search. In recent times, because it is open source, scalable and easy to use, it has become very popular in the developer community.
Installing Elasticsearch is very easy; here are the steps.
Download the latest Elasticsearch zip file from this location. For this demo, we are going to use version 1.4.4. Unzip and extract the content to a suitable directory.
E:\>cd es\elasticsearch-1.4.4\bin
E:\es\elasticsearch-1.4.4\bin>elasticsearch
This will start the Elasticsearch service.
Note - The default distribution of Elasticsearch does not include a GUI; you need to install one by executing the following command, provided your machine is connected to the internet.
E:\>cd es\elasticsearch-1.4.4\bin
E:\es\elasticsearch-1.4.4\bin>plugin -install mobz/elasticsearch-head
Now you can hit
to see the Elasticsearch GUI, which would look like the following screen.
More information is available at http://mobz.github.io/elasticsearch-head/
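Kibana is later pointed at http://localhost:9200, so in this setup port 9200 only needs to accept local connections. The following Python check is an added example, not part of the original article: it parses `netstat -ano` output and reports whether anything is listening on that port beyond loopback. The function names and the embedded sample lines are constructed for illustration.

```python
import ipaddress
import subprocess

ES_PORT = 9200  # port taken from the article's elasticsearch_url

# Constructed sample of Windows `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:9200           0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:9200         127.0.0.1:50512        ESTABLISHED     4312
  TCP    [::]:9200              [::]:0                 LISTENING       4312
  UDP    0.0.0.0:5353           *:*                                    1500
"""


def listening_addresses(netstat_text, port):
    """Return the local IPs with a TCP socket in LISTENING state on `port`."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers, UDP rows and TCP rows that are not listeners.
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, local_port = fields[1].rpartition(":")
        if local_port == str(port):
            # Strip IPv6 brackets and any %scope suffix before parsing.
            found.append(ipaddress.ip_address(host.strip("[]").split("%")[0]))
    return found


def classify(addresses):
    """Summarise where the port is bound."""
    if not addresses:
        return "not listening"
    if all(a.is_loopback for a in addresses):
        return "loopback only"
    return "exposed beyond loopback"


if __name__ == "__main__":
    # On the Windows host from the article, inspect the live socket table.
    out = subprocess.run(["netstat", "-ano"], capture_output=True, text=True).stdout
    print(ES_PORT, classify(listening_addresses(out, ES_PORT)))
```

If the result is "exposed beyond loopback", other machines that can route to this host may be able to reach the Elasticsearch HTTP API, subject to the host firewall.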
Install Logstash on Windows
Logstash is a useful utility when it comes to working with logs. It gives you built-in features to read from various file formats and perform operations on the data. One of its best features is that you can read logs in a certain format (e.g. Apache logs, Nginx logs, syslogs etc.) and put them into Elasticsearch.
Installing Logstash is very easy. First we need to download the required binary from this url. Here we have downloaded version logstash-1.5.0.rc2.
Now unzip the downloaded binary and save it to some place.
To enable use of Logstash from any directory, add its bin directory (where the logstash launcher script lives) to the PATH environment variable.
>set LOGSTASH_HOME=E:\logstash\logstash-1.5.0.rc2
>set PATH=%PATH%;E:\logstash\logstash-1.5.0.rc2\bin
And that's it, Logstash is ready to use.
Install Kibana 4 on Windows
Here we are going to use the Kibana 4 release, as it is compatible with the release of Elasticsearch that we are using.
Prior to Kibana 4, we needed to have a web server running, but with Kibana 4 we get one embedded.
Download Kibana 4 from this url. Just unzip the zip file and save it in some folder.
Kibana configuration is very easy: simply edit config/kibana.yml to add the Elasticsearch URL.
Open config/kibana.yml and update the property elasticsearch_url: "http://localhost:9200".
To start Kibana, execute
A server will start and you can see the GUI at
If everything goes well, you should be able to see the Kibana dashboard.
In the next article, we are going to talk about how to extract data from Apache logs, load it into Elasticsearch using Logstash, and view dashboard reports using Kibana.