Hello,
Thanks for your reply. I guess the tutorial is too old and not precise enough for what I want.
I didn't know Elastic has a SIEM solution, but my company wants to work only with free Open Source projects...
I'm okay with building it myself with Elastic solutions:
For the installation, I ran the commands:
curl https://artifacts.elastic.co/downloads/kibana/kibana-8.12.2-amd64.deb --output kibana-8.12.2-amd64.deb
curl https://artifacts.elastic.co/downloads/logstash/logstash-8.12.2-amd64.deb --output logstash-8.12.2-amd64.deb
curl https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.12.2-amd64.deb --output elasticsearch-8.12.2-amd64.deb
dpkg -i *.deb
But I got weird results.
root@ELK-Stack:~# tail -f /var/log/elasticsearch/elasticsearch.log
[2024-03-14T14:44:44,528][ERROR][o.e.b.Elasticsearch ] [ELK-Stack] fatal exception while booting Elasticsearch
java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Elasticsearch.initializeNatives(Elasticsearch.java:282) ~[elasticsearch-8.12.2.jar:?]
at org.elasticsearch.bootstrap.Elasticsearch.initPhase2(Elasticsearch.java:167) ~[elasticsearch-8.12.2.jar:?]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:72) ~[elasticsearch-8.12.2.jar:?]
I tried a fresh install by following this topic, but got the same "can not run elasticsearch as root" error.
Should I just rename my topic to 'Struggling with ELK installation', or open a new one?
Regards
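As an added example (not part of the post above or of Elastic's own tooling), this script installs the same three 8.12.2 .deb packages but verifies each one against the published .sha512 file before dpkg -i, and starts Elasticsearch through the systemd unit shipped in the package, which runs as the elasticsearch user rather than as root. It assumes Debian/Ubuntu with systemd, curl and coreutils, and that the .sha512 files sit beside the .deb files at the same URLs.

```shell
#!/usr/bin/env bash
# Added example: verified download and install of the Elastic 8.12.2 .deb packages.
# Launching /usr/share/elasticsearch/bin/elasticsearch from a root shell produces the
# "can not run elasticsearch as root" fatal error; the packaged unit avoids that.
set -eu

VERSION="8.12.2"
BASE_URL="https://artifacts.elastic.co/downloads"

# verify_deb <deb> <sha512-file>
# The .sha512 file uses the sha512sum format "<hash>  <filename>". Succeeds only if
# the hash matches AND the checksum file names the package we are about to install.
verify_deb() {
    local deb="$1" sumfile="$2" expected named actual
    expected=$(awk 'NR==1 {print $1}' "$sumfile")
    named=$(awk 'NR==1 {print $2}' "$sumfile")
    actual=$(sha512sum "$deb" | awk '{print $1}')
    [ -n "$expected" ] && [ "$expected" = "$actual" ] \
        && [ "$named" = "$(basename "$deb")" ]
}

# fetch_and_verify <component>   (elasticsearch | logstash | kibana)
fetch_and_verify() {
    local comp="$1" deb="${1}-${VERSION}-amd64.deb"
    curl -fsSLO "${BASE_URL}/${comp}/${deb}"
    curl -fsSLO "${BASE_URL}/${comp}/${deb}.sha512"
    if ! verify_deb "$deb" "${deb}.sha512"; then
        echo "checksum mismatch for ${deb}; refusing to install" >&2
        return 1
    fi
}

install_stack() {
    # dpkg needs root; Elasticsearch itself must never be started as root.
    [ "$(id -u)" -eq 0 ] || { echo "run the install step with sudo" >&2; return 1; }
    for comp in elasticsearch logstash kibana; do
        fetch_and_verify "$comp"
        dpkg -i "${comp}-${VERSION}-amd64.deb"
    done
    # Start via the packaged unit (User=elasticsearch), not the binary directly.
    systemctl daemon-reload
    systemctl enable --now elasticsearch
    systemctl show -p User elasticsearch   # should print User=elasticsearch
}

# Only install when explicitly asked; sourcing the file just defines the functions.
if [ "${1:-}" = "install" ]; then
    install_stack
fi
```

Run it as `sudo bash install-elastic.sh install`; afterwards `tail -f /var/log/elasticsearch/elasticsearch.log` should no longer show the root fatal exception.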