# ELK Processes for Installation & Use ###### tags: `ElasticSearch` ## 【Install ELK programs】 Install ElasticSearch, Logstash, Kibana and then unzip to the same directory for convenience. ### 1. ElasticSearch Download Link https://www.elastic.co/downloads/elasticsearch 　　 *Need to install accompany with JRE ### 2. Logstash Download Link https://www.elastic.co/downloads/logstash ### 3. Kibana Download Link https://www.elastic.co/downloads/kibana ## 【Run ELK services】 ### 1. ElasticSearch * Click to execute the batch file (1st console): elasticsearch-7.14.0\bin\elasticsearch.bat * Check (1st webpage) localhost:9200 ### 2. Logstash * Create config file in directory: `logstash-7.14.0\config` Path: `logstash-7.14.0\config\logstash.conf` content: ``` input { stdin { } } output { elasticsearch { hosts => ["localhost:9200"] index => "yowkoindex" } stdout { codec => rubydebug } } ``` * Open a new windows cmd, and call command to execute Logstash (2nd console) `"logstash-7.14.0\bin\logstash.bat" -f "logstash-7.14.0\config\logstash.conf"` * Check (2nd webpage) localhost:9600 ### 3. Kibana * Click to execute the batch file (3rd console): `kibana-7.14.0\bin\kibana.bat` * Check (3rd webpage) localhost:5601 ## 【Test】 ### 1. Send message on Logstash console (2nd console) e.g. `test send message (→Enter)` ### 2. Query and show query result (3rd webpage) * Go to "Dev Tools" > "Console" 　　 * Modify query content: ``` GET _search { "query": { "match_phrase": { "message": "test" } } } ``` 　　 * Query result: ``` ... ... "message": """test send message""", ... ... ```