1. Home
  2. Linux
  3. Ubuntu
  4. How to Install ELK Stack on Ubuntu 16.04-A Complete Tutorial

How to Install ELK Stack on Ubuntu 16.04-A Complete Tutorial

 ELK Stack on Ubuntu 16.04
How to Install and Configure the ELK Stack on Ubuntu 16.04

In this tutorial, we will teach you how to install and configure the ELK stack for Ubuntu 16.04.
Earlier, I have talked about the Ubuntu and EKL ,  the details of which you can read in these articles:

EKL Stack on 

ELK  stack stands for Elasticsearch, Logstash, and Kibana; is a robust, open source solution for searching, analyzing, and visualizing data.


Elasticsearch is a distributed, RESTful search and analytics engine based on Lucene.  Logstash is a data processing pipeline for managing events and logs.  Kibana is a web application for visualizing data in Elasticsearch.
This ELK stack guide will work on any Linux VPS system, however, it was tested and made for Ubuntu 16.04 VPS.
Installing the ELK Stack on Ubuntu 16.04 is pretty simple, just follow the steps below and you will have it installed in less than 15 minutes.

Prerequisites for ELK Stack on Ubuntu

For this guide to work, you are required to have a couple of things:

  • A Ubuntu 16.04 VPS
  • A user with sudo privileges


Update the system and install the required packages

sudo apt update && apt -y upgrade
sudo apt install apt-transport-https software-properties-common wget

You will need to make sure that you update the softwares on your Linux VPS or just set up automatic updates.

Install Oracle Java JDK via PPA

You will be using the PPA repository maintained by the Webupd8 Team.
Now, the install script is to accept the license agreement. And it should download the java archive file from the download page before setting everything up for you.
To append the Webupd8 Team PPA repository, execute the commands below on your server.

sudo add-apt-repository ppa:webupd8team/java
sudo apt update

Then, You may install JDK8 using the command below.

sudo apt install oracle-java8-installer

In th end, To verify if everything was set correctly, execute the following command.

java -version

You will see something similar to the output below.

java version "1.8.0_131"
Java(TM) SE Runtime Environment (build 1.8.0_131-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.131-b11, mixed mode)

Install and configure Elasticsearch

Install Elasticsearch with the package manager from the Elastic repository.

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
sudo apt update
sudo apt install elasticsearch

After the installation is finished, open the ‘elasticsearch.yml’ file and restrict the remote access to the Elasticsearch instance.

sudo nano /etc/elasticsearch/elasticsearch.yml
network.host: localhost

Initiate the Elasticsearch service and make it start automatically on boot.

sudo systemctl restart elasticsearch
sudo systemctl enable elasticsearch

Install and Configure Kibana

Just like Elasticsearch, you are going to install Kibana with the package manager from the Elastic repository.

sudo apt install kibana
After the installation is done, open the ‘kibana.yml' file and restrict the remote access to the Kibana instance.
sudo nano /etc/kibana/kibana.yml
server.host: "localhost"

In the same way as before, you now need to initiate the Elasticsearch service and set it to start automatically on boot.

sudo systemctl restart kibana
sudo systemctl enable kibana

Kibana should now run on localhost on port 5601

Install and configure Nginx as a reverse proxy

Use Nginx as a reverse proxy to access Kibana from the public IP address. To install Nginx, you will need to execute the command below.

sudo apt-get install nginx

Create a basic authentication file using the ‘openssl’ command.

echo "admin:$(openssl passwd -apr1 YourStrongPassword)" | sudo tee -a /etc/nginx/htpasswd.kibana

Remember to always use a strong password.
Generate a self-signed ssl certificate.
Remove the default nginx virtual host.

sudo rm /etc/nginx/sites-enabled/default

Now create a virtual host configuration file for our Kibana instance.

sudo nano /etc/nginx/sites-available/kibana
server {
    listen 80 default_server;
    server_name _;
    return 301 https://$server_name$request_uri;
server {
    listen 443 default_server ssl http2;
    server_name _;
    ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
    ssl_session_cache shared:SSL:10m;
    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.kibana;
    location / {
        proxy_pass http://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;

Enable the server block by making a symbolic link.

sudo ln -s /etc/nginx/sites-available/kibana /etc/nginx/sites-enabled/kibana

Try the Nginx configuration and restart Nginx with the below.

sudo nginx -t
sudo service nginx restart


Install Logstash

The last thing you have to do is install Logstash with the package manager from the Elastic repository.

sudo apt install logstash

The Logstash configuration will depend on your personal preference and the plugins you want to use.

Final Thoughts

This is all, you should now have the ELK Stack successfully installed on your Ubuntu 16.04 VPS.
One more thing……
Check out Our Best VPS Hosting and WordPress hosting for scaling your business websites and applications.

Updated on December 23, 2018

Was this article helpful?

Related Articles

Leave a Comment

[apsl-login-lite login_text='Please login with a social account']