- Single-node ELK stack
  Role: logging_single_node
- Clustered ELK stack
  Role: logging_cluster

Everything is automated via Ansible playbooks.
- Ubuntu 22.04 LTS system(s)
- Ansible installed on your control node
- SSH access to target hosts
- Vault password (see below)
- Clone the repository:

  ```bash
  git clone https://github.com/tinhutins/logging-setup.git
  cd logging-setup
  ```

- Verify your inventory.ini matches your environment.
- Run the pre-install provisioning step:

  ```bash
  ansible-playbook -i inventory.ini playbooks/preinstall.yml --tags provision --ask-vault-pass -kK
  ```

- NOTE: This step uses the local user tino on machines with sudo privileges. Make sure to update playbooks/preinstall.yml if you need to use a different user.
Default vault password: `password`

- Add Elasticsearch nodes:

  ```bash
  ansible-playbook -i inventory.ini playbooks/postinstall.yml --tags add_elasticsearch --ask-vault-pass
  ```

- Add Kibana:

  ```bash
  ansible-playbook -i inventory.ini playbooks/postinstall.yml --tags add_kibana --ask-vault-pass
  ```

- Add Logstash:

  ```bash
  ansible-playbook -i inventory.ini playbooks/postinstall.yml --tags add_logstash --ask-vault-pass
  ```

- Add Filebeat:

  ```bash
  ansible-playbook -i inventory.ini playbooks/postinstall.yml --tags add_filebeat --ask-vault-pass
  ```

- Add Fleet:

  ```bash
  ansible-playbook -i inventory.ini playbooks/postinstall.yml --tags add_fleet --ask-vault-pass
  ```
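
Because the default vault password is documented above, the vaulted secrets can be re-keyed to a private password before the first deploy. The script below is an added example, not part of the project's playbooks: it lists whole-file vaults and files with inline `!vault` values in a checkout and re-keys the former with `ansible-vault rekey`. The function names, the `rekey` sub-command and the password-file arguments are assumptions.

```sh
#!/bin/sh
# Added example (not from the logging-setup repository): find Ansible Vault
# content in a checkout and re-key it away from the documented default password.

# Whole-file vaults start with a header line such as "$ANSIBLE_VAULT;1.1;AES256".
find_vault_files() {
  find "${1:-.}" -type f ! -path '*/.git/*' \
    -exec awk 'FNR == 1 && index($0, "$ANSIBLE_VAULT;") == 1 { print FILENAME }' {} + |
    sort
}

# Inline values ("key: !vault |") live inside plain YAML files. "ansible-vault
# rekey" only accepts whole-file vaults, so these are reported for manual
# re-encryption with "ansible-vault encrypt_string".
find_inline_vault_files() {
  grep -rlE --exclude-dir=.git '!vault[[:space:]]*\|' "${1:-.}" | sort
}

# rekey_vault_files DIR OLD_PW_FILE NEW_PW_FILE  (argument names are assumptions)
# Assumes file paths contain no whitespace.
rekey_vault_files() {
  inline=$(find_inline_vault_files "$1")
  if [ -n "$inline" ]; then
    echo "re-encrypt inline !vault values by hand in:" >&2
    printf '%s\n' "$inline" >&2
  fi
  files=$(find_vault_files "$1")
  if [ -z "$files" ]; then
    echo "no whole-file vaults under $1" >&2
    return 0
  fi
  printf '%s\n' "$files" |
    xargs ansible-vault rekey --vault-password-file "$2" --new-vault-password-file "$3"
}

# Usage: sh rekey.sh rekey <checkout> <old-password-file> <new-password-file>
if [ "${1:-}" = "rekey" ] && [ "$#" -eq 4 ]; then
  rekey_vault_files "$2" "$3" "$4"
fi
```

After re-keying, the `--ask-vault-pass` prompts in the playbook commands expect the new password.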