Installing Elastic Stack¶
This guide describes the installation of an Elastic Stack server comprised of Logstash, Elasticsearch, and Kibana. We will illustrate package-based installations of these components. You can also install them from binary tarballs, however, this is not preferred or supported under Wazuh documentation.
In addition to Elastic Stack components, you will also find the instructions to install and configure the Wazuh app (deployed as a Kibana plugin).
Depending on your operating system you can choose to install Elastic Stack from RPM or DEB packages. Consult the table below and choose how to proceed:
|RPM packages||Install Elastic Stack on CentOS/RHEL/Fedora.|
|DEB packages||Install Elastic Stack on Debian/Ubuntu.|
There are some related additional configurations that can be applied:
- Setting up SSL for Filebeat and Logstash
- Setting up SSL and authentication for Kibana
- Elasticsearch tuning
- Search Guard configuration
Currently, the Elastic Stack is only supported on 64-bit operating systems, according to its Support Matrix.