NOTE: The installation instructions below apply only to Elasticsearch versions 6.2 and earlier. Starting with Elasticsearch version 6.3, Bitnami provides the OSS distribution of Elasticsearch which does not include X-Pack.
X-Pack is an extension which adds additional features to Elasticsearch and Kibana, such as security enhancements, machine learning features and others.
In order to install X-Pack into the ELK stack, please follow the steps in the sections below.
Install X-Pack into Elasticsearch
The steps below describe how to install the X-Pack plugin into Elasticsearch:
$ sudo installdir/ctlscript.sh stop elasticsearch
Install the X-Pack plugin in the installdir/elasticsearch directory:
$ cd installdir/elasticsearch $ sudo bin/elasticsearch-plugin install x-pack
Update the ownership for newly created files and directories, so they are accessible for Elasticsearch:
$ sudo chown -R elasticsearch:elasticsearch config/elasticsearch.keystore config/x-pack
Make sure that the host for Elasticsearch is publicly accessible for X-Pack:
Open installdir/elasticsearch/config/elasticsearch.yml and update the network.publish_host property value to your server IP address.
NOTE: X-Pack needs to access Elasticsearch on its assigned port (by default 9200). If you cannot access the port via the IP address mentioned above, change it to 127.0.0.1 and save (this way X-Pack can access Elasticsearch locally). An alternative is to open the port in your firewall, as described in the FAQ.
$ sudo installdir/ctlscript.sh start elasticsearch
Generate X-Pack default passwords (note down the passwords you obtain for the elastic and kibana users):
$ sudo bin/x-pack/setup-passwords auto
Disable Apache HTTP authentication
For security purposes, Bitnami enables HTTP authentication for Kibana. However, the X-Pack plugin enables HTTP authentication by default, making Kibana inaccessible.
In order to access Kibana again, please follow the steps below in order to disable the HTTP authentication enabled by Bitnami:
In the installdir/elasticsearch/apache-conf/elasticsearch.conf file, remove the following lines and save:
<LocationMatch "^/(elasticsearch|elk).*?"> AuthType Basic AuthName "Insert your Elasticsearch credentials. If you have problems visit: https://docs.bitnami.com/?page=apps&name=elasticsearch" AuthBasicProvider file AuthUserFile "installdir/elasticsearch/apache-conf/password" Require user user </LocationMatch>
$ sudo installdir/ctlscript.sh restart apache
Install X-Pack into Kibana
The steps below describe how to install the X-Pack plugin into Kibana:
$ sudo installdir/ctlscript.sh stop kibana
Install the X-Pack plugin in the installdir/kibana directory (this step may take up to 30 minutes):
$ cd installdir/kibana $ sudo bin/kibana-plugin install x-pack
Modify Kibana configuration for X-Pack to work with the Apache frontend server, to do so:
- Open installdir/kibana/config/kibana.yml.
Add the following lines and save, replacing KIBANA_PASSWORD with the credentials for the kibana user you created above:
elasticsearch.username: kibana elasticsearch.password: KIBANA_PASSWORD xpack.reporting.kibanaServer.port: 80 xpack.reporting.kibanaServer.protocol: http
$ sudo installdir/ctlscript.sh start kibana
You can now access Kibana at http://localhost/elk/ with the credentials you created above.