Installing Elastic Stack

This guide describes the installation of an Elastic Stack server comprised of Filebeat, Elasticsearch, and Kibana. We will illustrate package-based installations of these components. You can also install them from binary tarballs, however, this is not preferred or supported under Wazuh documentation.

In addition to Elastic Stack components, you will also find the instructions to install and configure the Wazuh app (deployed as a Kibana plugin).

Depending on your operating system you can choose to install Elastic Stack from RPM or DEB packages. Consult the table below and choose how to proceed:

Type

Description

RPM packages

Install Elastic Stack on CentOS/RHEL/Fedora.

DEB packages

Install Elastic Stack on Debian/Ubuntu.

After the installation, find below optional steps you may find interesting:

Note

Currently, the Elastic Stack is only supported on 64-bit operating systems, according to its Support Matrix.