generalelk

Understand the default configuration

Understand the default ELK configuration

Elasticsearch configuration file

The main configuration file for Elasticsearch is /opt/bitnami/elasticsearch/config/elasticsearch.yml.

Elasticsearch ports

By default, Elasticsearch will use port 9200 for requests and port 9300 for communication between nodes within the cluster. If these ports are in use when the server starts, it will attempt to use the next available port, such as 9201 or 9301.

Set custom ports using the configuration file, together with details such as the cluster name (elasticsearch by default), node name, address binding and discovery settings. All these settings are needed to add more nodes to your Elasticsearch cluster.

Elasticsearch log file

The Elasticsearch log file is created at /opt/bitnami/elasticsearch/logs/CLUSTERNAME.log. Replace the CLUSTERNAME placeholder with the name of the Elasticsearch cluster set in the configuration file.

Understand the default Logstash configuration

Logstash configuration file

The main configuration file for Logstash is /opt/bitnami/logstash/config/logstash.yml.

The Logstash event pipeline can be configured at /opt/bitnami/logstash/pipeline. Files inside this directory will be loaded during Logstash server startup.

A pre-configured logstash.conf event pipeline configuration file is provided which will listen for TCP, UDP, HTTP, Beats and Gelf requests, and will output data to the local Elasticsearch server running at port 9200.

Logstash port

By default, Logstash will use port 9600. If this port is in use when the server starts, it will attempt to use the next available port, such as 9601.

Logstash log file

The Logstash log file is created at /opt/bitnami/logstash/logs/logstash.log.

Understand the default Kibana configuration

Kibana configuration file

The main configuration file for Kibana is /opt/bitnami/kibana/config/kibana.yml.

Kibana ports

By default, Kibana will use port 5601. If this port is in use when the server starts, it will attempt to use the next available port, such as 5602.

You can set a custom port using the configuration file, together with details such as the Elasticsearch URL (http://127.0.0.1:9200 by default), Kibana index, default application to load or verbosity level.

Kibana log file

The Kibana log file is created at /opt/bitnami/kibana/logs/kibana.log.

Last modification December 21, 2022