How to set up ELK using Docker?
Step 1 - Install Docker
- https://www.devopsschool.com/blog/how-to-install-docker-in-linux
How to install Elasticsearch and Kibana?
- https://www.devopsschool.com/blog/how-to-install-elasticsearch-and-kibana-using-docker/
docker run
-------------------
pull -> create -> start (attached)
docker run --name es-node01 --net elastic -p 9200:9200 -p 9300:9300 -t docker.elastic.co/elasticsearch/elasticsearch:8.3.3
$ docker logs es-node01
How to Install and Deploy Elastic Agent using Kibana?
13.235.114.228
docker run --name kib-01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.3.3
Log Analysis using ELK
-------------------------------
B --> L --> E <----- K
Observability using Elastic Stack
==============================
Agent --> E <----- K
Infra - log - KQL - APM - Syn - RUM
Alert
Dashboard
---------------------------------------------------------------------------------------------------------------
-> Elasticsearch security features have been automatically configured!
-> Authentication is enabled and cluster connections are encrypted.
-> Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
gxnYF6hmyKsulNdk8+yJ
-> HTTP CA certificate SHA-256 fingerprint:
d300541d307cfedc116fddb54691b6ea53dd586e2cab7af41ce5640906b34335
-> Configure Kibana to use this cluster:
* Run Kibana and click the configuration link in the terminal when Kibana starts.
* Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
eyJ2ZXIiOiI4LjMuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiZDMwMDU0MWQzMDdjZmVkYzExNmZkZGI1NDY5MWI2ZWE1M2RkNTg2ZTJjYWI3YWY0MWNlNTY0MDkwNmIzNDMzNSIsImtleSI6IkJsU1NRSXNCX09BRWdCcHJtUjhBOjZlYk5BOHh4UXFPOTZCYmF1TmdVS3cifQ==
-> Configure other nodes to join this cluster:
* Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
eyJ2ZXIiOiI4LjMuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiZDMwMDU0MWQzMDdjZmVkYzExNmZkZGI1NDY5MWI2ZWE1M2RkNTg2ZTJjYWI3YWY0MWNlNTY0MDkwNmIzNDMzNSIsImtleSI6IkJGU1NRSXNCX09BRWdCcHJtQl91OkJ3Sjc0SjRsUWd1LXlSYWl4TXBaTncifQ==
If you're running in Docker, copy the enrollment token and run:
`docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.3.3`
---------------------------------------------------------------------------------------------------------------
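The enrollment tokens printed in the startup output above are base64-encoded JSON carrying the version, node address, HTTP CA fingerprint and an API key, so they should be handled as credentials. The following added example (not part of the original notes) decodes a token, masks the key for logging, and checks its fingerprint against the one Elasticsearch printed; the sample token, key and certificate bytes are constructed.

```python
import base64
import hashlib
import hmac
import json

def decode_enrollment_token(token: str) -> dict:
    """Decode an enrollment token (base64-encoded JSON) into its fields."""
    info = json.loads(base64.b64decode(token, validate=True))
    missing = {"ver", "adr", "fgr", "key"} - info.keys()
    if missing:
        raise ValueError(f"not an enrollment token, missing: {sorted(missing)}")
    return info

def redact(info: dict) -> dict:
    """Copy of the fields that is safe to log: the API key secret is masked."""
    key_id, _, _secret = info["key"].partition(":")
    return {**info, "key": f"{key_id}:<redacted>"}

def _normalise(fgr: str) -> str:
    # Accept both plain hex and the colon-separated form openssl prints.
    return fgr.replace(":", "").strip().lower()

def fingerprint_matches(info: dict, expected_fgr: str) -> bool:
    """Compare the token's CA fingerprint with the one printed at startup."""
    return hmac.compare_digest(_normalise(info["fgr"]), _normalise(expected_fgr))

# Constructed sample values (not taken from a real cluster).
SAMPLE_CA_DER = b"constructed stand-in for the DER bytes of http_ca.crt"
SAMPLE_FGR = hashlib.sha256(SAMPLE_CA_DER).hexdigest()
SAMPLE_TOKEN = base64.b64encode(json.dumps({
    "ver": "8.3.3",
    "adr": ["172.18.0.2:9200"],
    "fgr": SAMPLE_FGR,
    "key": "sampleKeyId:sampleKeySecret",
}).encode()).decode()

if __name__ == "__main__":
    info = decode_enrollment_token(SAMPLE_TOKEN)
    print(redact(info))
    print("fingerprint matches:", fingerprint_matches(info, SAMPLE_FGR))
```

Because the `key` field is a usable credential for the 30 minutes the token is valid, log or share only the redacted form.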