Installing Elastic Stack¶
This guide describes the installation of an Elastic Stack server comprised of Filebeat, Elasticsearch, and Kibana. We will illustrate package-based installations of these components. You can also install them from binary tarballs, however, this is not preferred or supported under Wazuh documentation.
In addition to Elastic Stack components, you will also find the instructions to install and configure the Wazuh app (deployed as a Kibana plugin).
Depending on your operating system you can choose to install Elastic Stack from RPM or DEB packages. Consult the table below and choose how to proceed:
|RPM packages||Install Elastic Stack on CentOS/RHEL/Fedora.|
|DEB packages||Install Elastic Stack on Debian/Ubuntu.|
After the installation, find below optional steps you may find interesting:
- Elasticsearch tuning
- Transform your data with Logstash
- Insert a Wazuh API entry automatically
- Configure an Elasticsearch Cluster
Currently, the Elastic Stack is only supported on 64-bit operating systems, according to its Support Matrix.