{"id":982,"date":"2020-04-25T12:28:00","date_gmt":"2020-04-25T10:28:00","guid":{"rendered":"https:\/\/blog.mhasin.eu\/?p=982"},"modified":"2020-09-13T12:01:00","modified_gmt":"2020-09-13T10:01:00","slug":"elk-stack-tuke-elastisearch-kibana-filebeat-netflow","status":"publish","type":"post","link":"https:\/\/blog.mhasin.eu\/?p=982","title":{"rendered":"ELK stack Elastisearch kibana filebeat netflow"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Instalacia:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>apt install gnupg2\nwget -qO - https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch | sudo apt-key add -\n\nsudo apt-get update\nsudo apt-get install apt-transport-https\n\n\necho \"deb https:\/\/artifacts.elastic.co\/packages\/7.x\/apt stable main\" | sudo tee -a \/etc\/apt\/sources.list.d\/elastic-7.x.list\n\n\nsudo apt-get update\nsudo apt-get install elasticsearch<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Uprava konfigu elasticsearch:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nano \/etc\/elasticsearch\/elasticsearch.yml<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>network.host: \"localhost\"\nhttp.port:9200\ncluster.initial_master_nodes: [\"<PrivateIP\"]<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Uprava config:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nano \/etc\/elasticsearch\/jvm.options<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>-Xms8g\n-Xmx8g<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u0160tart slu\u017eby<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl enable elasticsearch\nsystemctl start elasticsearch<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Instalacia kibana:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt-get install kibana<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>nano \/etc\/kibana\/kibana.yml<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>server.port: 5601\nelasticsearch.url: \"http:\/\/localhost:9200\"<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Zapnutie kibana:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl enable kibana\nsystemctl start kibana<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Filebeat install:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>curl -L -O https:\/\/artifacts.elastic.co\/downloads\/beats\/filebeat\/filebeat-7.9.1-amd64.deb\nsudo dpkg -i filebeat-7.9.1-amd64.deb<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Povolenie netflow:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo filebeat modules enable netflow<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl enable filebeat.service\nsystemctl start filebeat.service<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Nastavenie adresy kde nacuva netflow<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code> nano \/etc\/filebeat\/modules.d\/netflow.yml<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>netflow_host:<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Instalovanie filebeat do kibany<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>filebeat setup<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n<div class=\"pdf24Plugin-cp\"> \t<form name=\"pdf24Form0\" method=\"post\" action=\"https:\/\/doc2pdf.pdf24.org\/wordpress.php\" target=\"pdf24PopWin\" onsubmit=\"var pdf24Win = window.open('about:blank', 'pdf24PopWin', 'resizable=yes,scrollbars=yes,width=600,height=250,left='+(screen.width\/2-300)+',top='+(screen.height\/3-125)+''); pdf24Win.focus(); if(typeof pdf24OnCreatePDF === 'function'){void(pdf24OnCreatePDF(this,pdf24Win));}\"> \t\t<input type=\"hidden\" name=\"blogCharset\" value=\"Cw1x07UAAA==\" \/><input type=\"hidden\" name=\"blogPosts\" value=\"MwQA\" \/><input type=\"hidden\" name=\"blogUrl\" value=\"yygpKSi20tdPyslP18vNSCzOzNNLLQUA\" \/><input type=\"hidden\" name=\"blogName\" value=\"c\/LxdwcA\" \/><input type=\"hidden\" name=\"blogValueEncoding\" value=\"gzdeflate base64\" \/><input type=\"hidden\" name=\"postId_0\" value=\"s7QwAgA=\" \/><input type=\"hidden\" name=\"postTitle_0\" value=\"c\/XxViguSUzOVnDNSSwuySxOTSxKzlDIzkxKzEtUSMvMSU1KTSxRyEstScvJLwcA\" \/><input type=\"hidden\" name=\"postLink_0\" value=\"yygpKSi20tdPyslP18vNSCzOzNNLLdW3L7C1tDACAA==\" \/><input type=\"hidden\" name=\"postAuthor_0\" value=\"y00syfcwNAIA\" \/><input type=\"hidden\" name=\"postDateTime_0\" value=\"MzIwMtA1MNE1MlUwNLIyMLEyMAAA\" \/><input type=\"hidden\" name=\"postContent_0\" value=\"pVXRbtMwFH3PV1wFaW9OtgnG1pW+wTSBWF+QAAlNt46bmji2sZ10lfgYvoS3\/Rd2mmbKupWmy4tjxz6+95xzb6KxBirQ2nfxUpOZULQgGg3mBvUinlxL61Ag5Tgap3oS+WesDds6QlXG4sk4DBPUDnhzTkAuK52fRsucOSC\/boDAwjltR2mKxvE5UmcT5rEcpwlV6dX0inx8\/420S5ahoQv4DbbKFHhcUrAVYJYBiaJuLWBXOkPH+mubGMLcGZRWK+NIc79Pg9GFgjhjs90RaaQF5symb5O7NGTmMWeCQYlcxpvIHGNAEFLmaNiTWlUZymwiuHVJlrZwxEM0S9GA4HtMjNOGYK+EYa0Wu8T7og3WCIWSc55Xfaj95ZQo1Tq1HkB\/lqxK8UR0\/4NmbqlMkSyUdSOI\/XcU4T2OgiZJ0Gt0cXp8HFFRWcdMwiV3HMVtiWF6Kz2IHcHRq4uTy\/hIuMup4bWn8noa\/ziMK9pw9XJyftZlorTjStrhtJCvpT3PIz\/cnecD87j\/47yPwYrq\/u9stXceduUJLanzhpONv3vpRA+fbQP\/Elc+xLRf44GCz1AO6D9P1tEa5ACLdgKvEdrhML9bZmrv4sbX8Obs+CTqF1FlhC+D4H3fjrpqaEogHsjyd9SycpwNZ++xE9YAWxZ4ltBdUX3ggs0YdrLsHxb13AD5BORmd7\/O1FIKhZlNwz02nbc3di++C18kJwTL7Ox14tv\/uu1musiBcHhu18A8p6pWgklPv29xc6GWA927CQNKlVWC2Y0WLdoBznus6uaGJHiSU7al7+MNAxn47BXBuqEAM8PsCorMx4+08l22S2NPTuChCjs9W2b877VFO\/gXFA7fNoU2MMd1j1I1hiw7ybx8TW3s33y7o5a5Sh\/STv8B\" \/> \t\t<a href=\"https:\/\/www.pdf24.org\" target=\"_blank\" title=\"www.pdf24.org\" rel=\"nofollow\"><img src=\"https:\/\/blog.mhasin.eu\/wp-content\/plugins\/pdf24-post-to-pdf\/img\/pdf_32x32.png\" alt=\"\" border=\"0\" height=\"32\" \/><\/a> \t\t<span class=\"pdf24Plugin-cp-space\">\u00a0\u00a0<\/span> \t\t<span class=\"pdf24Plugin-cp-text\">Send article as PDF<\/span> \t\t<span class=\"pdf24Plugin-cp-space\">\u00a0\u00a0<\/span> \t\t<input class=\"pdf24Plugin-cp-input\" style=\"margin: 0px;\" type=\"text\" name=\"sendEmailTo\" placeholder=\"Enter email address\" \/> \t\t<input class=\"pdf24Plugin-cp-submit\" style=\"margin: 0px;\" type=\"submit\" value=\"Send\" \/> \t<\/form> <\/div>","protected":false},"excerpt":{"rendered":"Instalacia: Uprava konfigu elasticsearch: Uprava config: \u0160tart slu\u017eby Instalacia kibana: Zapnutie kibana: Filebeat install: Povolenie netflow: Nastavenie adresy kde nacuva netflow Instalovanie filebeat do kibany \u00a0\u00a0 Send article as PDF \u00a0\u00a0\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"arc_restricted_post":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-982","post","type-post","status-publish","format-standard","hentry","category-monitoring"],"_links":{"self":[{"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=\/wp\/v2\/posts\/982","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=982"}],"version-history":[{"count":4,"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=\/wp\/v2\/posts\/982\/revisions"}],"predecessor-version":[{"id":1553,"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=\/wp\/v2\/posts\/982\/revisions\/1553"}],"wp:attachment":[{"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=982"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=982"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mhasin.eu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=982"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}