I am trying to install the Elastic Stack locally on a single VM to keep the setup simple.
The use case is Security, which requires installing ELK as well as many configurations here and there to enable features like Elastic Agent (like security / TLS / user roles).
Although the documentation does cover the steps, I am finding it tedious to get the configuration right. I was wondering if other installation options are there, like a pre-made virtual machine, Docker, or install scripts that automate the deployment and especially the configurations required for a functional Elastic Security?
P.S.: I know that cloud provides the simplicity I am looking for, but unfortunately I am bound to deploy Elastic Security locally.
If you need to override default config files, and there's a lot of configuration, one option would be to build your own Dockerfiles on top of the official ones.
For a simple local setup, I'd personally use docker-compose and include both Elasticsearch and Kibana instances there. You can even build a multi-node ES and Kibana cluster that way, where all the nodes would still work on the same machine.
If you are familiar with Kubernetes or need a more advanced setup, another option would be to spin up Elastic Stack in a K8s cluster. Elastic has Helm charts, seems like not every component of the Stack is there, but still:
As for configuring your data sources like Elastic Agent and Endpoint Security, probably the easiest way would be to do it via Fleet (your Agents should be enrolled in your Fleet, so you could have a centralised control over them from Kibana):
Sorry, at this point we don't have any automation of the things specifically required by Elastic Security.
For a simple local setup you could log in as a superuser (make sure to give your user the role named superuser) and expect most of the functionality to work.
@stephenb this is awesome! Thank you for sharing this guide!
@lisa99 let us know if this helps you. I know it may be a little bit frustrating to not have a simple one-click deploy-everything solution, but hopefully we'll get there at some point in the future.
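A sketch of the docker-compose layout suggested in the thread (single-node Elasticsearch plus Kibana with authentication enabled), added here as an example and not taken from the thread or from Elastic's own files. The service names and the `.env` variables `STACK_VERSION`, `ELASTIC_PASSWORD`, `KIBANA_PASSWORD` and `ENCRYPTION_KEY` are assumptions; TLS is not configured, so both ports are published on the loopback interface only.

```yaml
# Added example. All ${...} values are assumed to come from a .env file
# next to this compose file; ENCRYPTION_KEY must be at least 32 characters.
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
    environment:
      - discovery.type=single-node
      - xpack.security.enabled=true                 # require authentication
      - xpack.security.http.ssl.enabled=false       # no TLS in this sketch
      # API keys are used by Fleet and by Kibana alerting; some versions only
      # enable the API key service by default when HTTPS is configured.
      - xpack.security.authc.api_key.enabled=true
      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}        # password of the built-in elastic superuser
    ports:
      - "127.0.0.1:9200:9200"                       # reachable from the VM itself only
    healthcheck:
      # An unauthenticated request returns a 401 body once the node is up.
      test: ["CMD-SHELL", "curl -s http://localhost:9200 | grep -q 'missing authentication credentials'"]
      interval: 10s
      timeout: 10s
      retries: 60

  # One-shot job: set the password of the built-in kibana_system user,
  # which Kibana uses to talk to Elasticsearch.
  setup:
    image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
    depends_on:
      elasticsearch:
        condition: service_healthy
    command: >
      bash -c '
        until curl -s -X POST -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" http://elasticsearch:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 5; done
      '

  kibana:
    image: docker.elastic.co/kibana/kibana:${STACK_VERSION}
    depends_on:
      setup:
        condition: service_completed_successfully
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
      - ELASTICSEARCH_USERNAME=kibana_system
      - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
      # A fixed key keeps encrypted saved objects readable across restarts.
      - XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY=${ENCRYPTION_KEY}
    ports:
      - "127.0.0.1:5601:5601"
```

Passwords passed as environment variables are visible through `docker inspect`, so this layout suits a single-user lab VM; logging in to Kibana as `elastic` gives the superuser access mentioned above.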