Skip to content

Instantly share code, notes, and snippets.

@esmaeelE

esmaeelE/ELK.md

Created December 23, 2025 08:46
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save esmaeelE/255076501929564acdf38263ee1aaee1 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save esmaeelE/255076501929564acdf38263ee1aaee1 to your computer and use it in GitHub Desktop.
Download ZIP
Install ELK
Raw
ELK.md

ELK Stack Installation Guide

(Elasticsearch, Logstash, Kibana)

This guide explains how to install the ELK Stack either on bare metal or using Docker.

Option 1: Bare Metal Installation

Recommended OS: Ubuntu 24.04 LTS

mkdir ELK
cd ELK

Create sources file to download with apt

cat > elastic.sources << "EOF"
Types: deb
URIs: https://artifacts.elastic.co/packages/9.x/apt/
Suites: stable
Components: main
Signed-By: /etc/apt/keyrings/GPG-KEY-elasticsearch.key
EOF

1. Add Elastic GPG Key

wget https://artifacts.elastic.co/GPG-KEY-elasticsearch

sudo mkdir -m 0755 -p /etc/apt/keyrings/
sudo cp GPG-KEY-elasticsearch /etc/apt/keyrings/GPG-KEY-elasticsearch.key

sudo mv elastic.sources /etc/apt/sources.list.d/
sudo apt update

3. Install ELK Components

First download packages sudo apt download elasticsearch filebeat kibana logstash

Then install

sudo apt install elasticsearch filebeat kibana logstash

Option 2: Install ELK Using Docker

Recommended OS:

  • Ubuntu 24.04 LTS
  • Debian 13

1. Install Docker & Docker Compose

Ensure Docker and Docker Compose are installed before continuing.

2. Clone the Docker ELK Repository

git clone https://github.com/deviantony/docker-elk
cd docker-elk

3. Initialize ELK Stack

docker compose up setup

4. Start ELK Stack

docker compose up

⚠️ On older Docker versions, you may need to use:

docker-compose up

Verify ELK Stack Status

After the containers are running, verify everything is up:

docker compose ps

Example output:

NAME IMAGE COMMAND SERVICE STATUS PORTS docker-elk-elasticsearch-1 docker-elk-elasticsearch "/bin/tini -- /usr/l…" elasticsearch Up 9200, 9300 docker-elk-kibana-1 docker-elk-kibana "/bin/tini -- /usr/l…" kibana Up 5601 docker-elk-logstash-1 docker-elk-logstash "/usr/local/bin/dock…" logstash Up 5044, 9600, 50000

Access Kibana

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment