get-started-elastic-stack.html

<!DOCTYPE html>
<html lang="en-us">
  <head>
    
<meta charset="UTF-8">
<title>Getting started with the Elastic Stack | Getting Started [8.2] | Elastic</title>
<meta class="elastic" name="content" content="Getting started with the Elastic Stack | Getting Started [8.2]">

<link rel="home" href="index.html" title="Getting Started [8.2]"/>
<link rel="up" href="index.html" title="Getting Started [8.2]"/>
<link rel="prev" href="index.html" title="Getting Started [8.2]"/>
<link rel="next" href="get-started-stack-docker.html" title="Running the Elastic Stack (&quot;ELK&quot;) on Docker"/>
<meta class="elastic" name="product_version" content="8.2"/>
<meta class="elastic" name="product_name" content="Elastic Stack"/>
<meta class="elastic" name="website_area" content="documentation"/>
<meta name="DC.type" content="Learn/Docs/Elastic Stack/Getting started/8.2"/>
<meta name="DC.subject" content="Elastic Stack"/>
<meta name="DC.identifier" content="8.2"/>
<meta name="robots" content="noindex,nofollow"/>

    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <script src="https://cdn.optimizely.com/js/18132920325.js"></script>
    <link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png">
    <link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png">
    <link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png">
    <link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png">
    <link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png">
    <link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png">
    <link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png">
    <link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png">
    <link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png">
    <link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32">
    <link rel="icon" type="image/png" href="/android-chrome-192x192.png" sizes="192x192">
    <link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96">
    <link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16">
    <link rel="manifest" href="/manifest.json">
    <meta name="apple-mobile-web-app-title" content="Elastic">
    <meta name="application-name" content="Elastic">
    <meta name="msapplication-TileColor" content="#ffffff">
    <meta name="msapplication-TileImage" content="/mstile-144x144.png">
    <meta name="theme-color" content="#ffffff">
    <meta name="naver-site-verification" content="936882c1853b701b3cef3721758d80535413dbfd" />
    <meta name="yandex-verification" content="d8a47e95d0972434" />
    <meta name="localized" content="true" />
    <meta name="st:robots" content="follow,index" />
    <meta property="og:image" content="https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt280217a63b82a734/6202d3378b1f312528798412/elastic-logo.svg" />
    <meta property="og:image:width" content="500" />
    <meta property="og:image:height" content="172" />
    <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
    <link rel="icon" href="/favicon.ico" type="image/x-icon">
    <link rel="apple-touch-icon-precomposed" sizes="64x64" href="/favicon_64x64_16bit.png">
    <link rel="apple-touch-icon-precomposed" sizes="32x32" href="/favicon_32x32.png">
    <link rel="apple-touch-icon-precomposed" sizes="16x16" href="/favicon_16x16.png">
    <!-- Give IE8 a fighting chance -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->
    <link rel="stylesheet" type="text/css" href="/guide/static/styles.css" />
  </head>

  <!--© 2015-2022 Elasticsearch B.V. -->
  <!-- All Elastic documentation is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License. -->
  <!-- http://creativecommons.org/licenses/by-nc-nd/4.0/ -->

  <body>
    <!-- Google Tag Manager -->
    <script>dataLayer = [];</script><noscript><iframe src="//www.googletagmanager.com/ns.html?id=GTM-58RLH5" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
    <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= '//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-58RLH5');</script>
    <!-- End Google Tag Manager -->

    <!-- Global site tag (gtag.js) - Google Analytics -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=UA-12395217-16"></script>
    <script>
      window.dataLayer = window.dataLayer || [];
      function gtag(){dataLayer.push(arguments);}
      gtag('js', new Date());
      gtag('config', 'UA-12395217-16');
    </script>

    <!-- Google Tag Manager for GA4 -->
    <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-KNJMG2M');</script>
    <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-KNJMG2M" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
    <!-- End Google Tag Manager for GA4-->

    <div id='elastic-nav' style="display:none;"></div>
    <script src='https://www.elastic.co/elastic-nav.js'></script>

    <div class="main-container">
      <section id="content" >
        <div class="content-wrapper">

          <section id="guide" lang="en">
            <div class="container-fluid">
              <div class="row pb-3">
                <div class="col-12 order-2 col-md-4 order-md-1 col-lg-3 h-almost-full-md sticky-top-md" id="left_col">
                  <!-- The TOC is appended here -->
                </div>

                <div class="col-12 order-1 col-md-8 order-md-2 col-lg-7 order-lg-2 guide-section" id="middle_col">
                  <!-- start body -->
                  
<div id="content">
<div class="breadcrumbs">
<span class="breadcrumb-link"><a href="/guide/">Elastic Docs</a></span>
<span class="chevron-right">›</span><span class="breadcrumb-link"><a href="index.html">Getting Started [8.2]</a></span>
</div>
<div class="navheader">
<span class="prev">
</span>
<span class="next">
<a href="get-started-stack-docker.html">Running the Elastic Stack ("ELK") on Docker »</a>
</span>
</div>
<div class="chapter">
<div class="titlepage"><div><div>
<h1 class="title"><a id="get-started-elastic-stack"></a>Getting started with the Elastic Stack<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h1>
</div></div></div>
<p>Looking for a guide that shows how to quickly install and configure the Elastic Stack
("ELK")? You&#8217;re in the right place! You can install the Elastic Stack on a single VM,
or even on your laptop. Install each component in the following order:</p>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#install-elasticsearch" title="Install Elasticsearch">Elasticsearch</a>
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#install-kibana" title="Install Kibana">Kibana</a>
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#install-beats" title="Install Beats">Beats</a>
</li>
</ul>
</div>
<div class="tip admon">
<div class="icon"></div>
<div class="admon_content">
<p>Logstash adds powerful data parsing and transformation features, but usually
isn&#8217;t required. To get started with Logstash, see
<a href="/guide/en/logstash/8.2/getting-started-with-logstash.html" class="ulink" target="_top">Getting Started with Logstash</a>.</p>
</div>
</div>
<p>After completing the installation process, learn how to implement a system
monitoring solution that uses Metricbeat to collect server metrics and ship
the data to Elasticsearch. Then use Kibana to search and visualize the data.</p>
<h3><a id="install-prereqs"></a>Before you begin<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h3>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
See the <a href="/support/matrix" class="ulink" target="_top">Elastic Support
Matrix</a> for information about supported operating systems and product
compatibility.
</li>
<li class="listitem">
Verify that your system meets the
<a href="/support/matrix#matrix_jvm" class="ulink" target="_top">minimum JVM requirements</a> for
Elasticsearch.
</li>
</ul>
</div>
<h3><a id="install-elasticsearch"></a>Install Elasticsearch<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h3>
<p><a href="/products/elasticsearch" class="ulink" target="_top">Elasticsearch</a> is a real-time,
distributed storage, search, and analytics engine. It can be used for many
purposes, but one context where it excels is indexing streams of semi-structured
data, such as logs or decoded network packets.</p>
<div class="tip admon">
<div class="icon"></div>
<div class="admon_content">
<p>You can run Elasticsearch on your own hardware, or use our
<a href="/cloud/elasticsearch-service" class="ulink" target="_top">hosted Elasticsearch Service</a>
on Elastic Cloud. The Elasticsearch Service is available on AWS, Microsoft Azure,
and GCP.
<a href="/cloud/elasticsearch-service/signup?baymax=docs-body&amp;elektra=docs" class="ulink" target="_top">Try out the
Elasticsearch Service for free</a>.</p>
</div>
</div>
<p>To download and install Elasticsearch, open a terminal window and use the commands that
work with your system:</p>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#deb">deb</a> for Debian/Ubuntu
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#rpm">rpm</a> for Redhat/Centos/Fedora
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#mac">mac</a> for OS X
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#linux">linux</a> for Linux
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#win">win</a> for Windows
</li>
</ul>
</div>
<p>When you start Elasticsearch for the first time, security features such as authentication, authorization and network encryption (TLS) for elasticsearch are enabled by default. The following security configuration
occurs automatically:</p>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
<a href="/guide/en/elasticsearch/reference/8.2/configuring-stack-security.html#stack-security-certificates" class="ulink" target="_top">Certificates and keys</a> for TLS are
generated for the transport and HTTP layers.
</li>
<li class="listitem">
The TLS configuration settings are written to <code class="literal">elasticsearch.yml</code>.
</li>
<li class="listitem">
A password is generated for the <code class="literal">elastic</code> user.
</li>
<li class="listitem">
An enrollment token is generated for Kibana.
</li>
</ul>
</div>
<p>You can then start Kibana and enter the enrollment token to securely connect
Kibana with Elasticsearch. The enrollment token is valid for 30 minutes.</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>On <code class="literal">deb</code> and <code class="literal">rpm</code> installations, an enrollment token isn&#8217;t generated for Kibana
during installation. To generate an enrollment token for Kibana, use the
<a href="/guide/en/elasticsearch/reference/8.2/create-enrollment-token.html" class="ulink" target="_top"><code class="literal">elasticsearch-create-enrollment-token</code></a> tool.</p>
</div>
</div>
<p><a id="deb"></a><span class="strong strong"><strong>deb:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.2.3-amd64.deb
sudo dpkg -i elasticsearch-8.2.3-amd64.deb
sudo /etc/init.d/elasticsearch start</pre>
</div>
<p><a id="rpm"></a><span class="strong strong"><strong>rpm:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.2.3-x86_64.rpm
sudo rpm -i elasticsearch-8.2.3-x86_64.rpm
sudo service elasticsearch start</pre>
</div>
<p><a id="mac"></a><span class="strong strong"><strong>mac:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.2.3-darwin-x86_64.tar.gz
tar -xzvf elasticsearch-8.2.3-darwin-x86_64.tar.gz
cd elasticsearch-8.2.3
./bin/elasticsearch</pre>
</div>
<p><a id="linux"></a><span class="strong strong"><strong>linux:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.2.3-linux-x86_64.tar.gz
tar -xzvf elasticsearch-8.2.3-linux-x86_64.tar.gz
cd elasticsearch-8.2.3
./bin/elasticsearch</pre>
</div>
<p><a id="win"></a><span class="strong strong"><strong>win:</strong></span></p>
<div class="olist orderedlist">
<ol class="orderedlist">
<li class="listitem">
Download the Elasticsearch 8.2.3 Windows zip file from the
<a href="/downloads/elasticsearch" class="ulink" target="_top">Elasticsearch download</a> page.
</li>
<li class="listitem">
Extract the contents of the zip file to a directory on your computer, for
example, <code class="literal">C:\Program Files</code>.
</li>
<li class="listitem">
<p>Open a command prompt as an Administrator and navigate to the directory that
contains the extracted files, for example:</p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">cd C:\Program Files\elasticsearch-8.2.3</pre>
</div>
</li>
<li class="listitem">
<p>Start Elasticsearch:</p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">bin\elasticsearch.bat</pre>
</div>
</li>
</ol>
</div>
<p>For other operating systems, go to the
<a href="/downloads/elasticsearch" class="ulink" target="_top">Elasticsearch download</a> page.</p>
<div class="tip admon">
<div class="icon"></div>
<div class="admon_content">
<p>The default <a href="/guide/en/elasticsearch/reference/8.2/important-settings.html#cluster-name" class="ulink" target="_top">cluster.name</a> and
<a href="/guide/en/elasticsearch/reference/8.2/important-settings.html#node-name" class="ulink" target="_top">node.name</a> are <code class="literal">elasticsearch</code> and your hostname,
respectively. If you plan to keep using this cluster or add more nodes, it is a
good idea to change these default values to unique names. For details about
changing these and other settings in the <code class="literal">elasticsearch.yml</code> file, see
<a href="/guide/en/elasticsearch/reference/8.2/settings.html" class="ulink" target="_top">Configuring Elasticsearch</a>.</p>
</div>
</div>
<p>To learn more about installing, configuring, and running Elasticsearch, read the
<a href="/guide/en/elasticsearch/reference/current/index.html" class="ulink" target="_top">Elasticsearch Reference</a>.</p>
<h4><a id="_make_sure_that_elasticsearch_is_up_and_running"></a>Make sure that Elasticsearch is up and running<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h4>
<p>Open a new terminal and verify that you can connect to your Elasticsearch cluster by
making an authenticated call. Enter the password for the <code class="literal">elastic</code> user when
prompted:</p>
<div class="pre_wrapper lang-shell">
<pre class="programlisting prettyprint lang-shell">curl --cacert $ES_PATH_CONF/certs/http_ca.crt -u elastic https://localhost:9200</pre>
</div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">--cacert</code>
</span>
</dt>
<dd>
Path to the generated <code class="literal">http_ca.crt</code> certificate for the HTTP layer. This file
is created in the Elasticsearch configuration directory, which is defined by the
<code class="literal">$ES_PATH_CONF</code> <a href="/guide/en/elasticsearch/reference/8.2/settings.html#config-files-location" class="ulink" target="_top">environment variable</a>.
</dd>
</dl>
</div>
<p>On Windows, if you don&#8217;t have cURL installed, point your browser to the URL.</p>
<p>You should see a response similar to this:</p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">{
  "name" : "QtI5dUu",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "v8OWkR1OQO-rgV8o_lRhEA",
  "version" : {
    "number" : "8.2.3",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "f4d76bd413ecfbd5122c3aa5dc85465960f18afe",
    "build_date" : "2021-10-27T22:47:53.634020433Z",
    "build_snapshot" : false,
    "lucene_version" : "9.0.0",
    "minimum_wire_compatibility_version" : "7.16.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}</pre>
</div>
<h3><a id="install-kibana"></a>Install Kibana<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h3>
<p><a href="/products/kibana" class="ulink" target="_top">Kibana</a> is an open source analytics and
visualization platform designed to work with Elasticsearch. You use Kibana to search,
view, and interact with data stored in Elasticsearch indices. You can easily perform
advanced data analysis and visualize your data in a variety of charts, tables,
and maps.</p>
<div class="tip admon">
<div class="icon"></div>
<div class="admon_content">
<p>Running our hosted Elasticsearch Service on <a href="/cloud" class="ulink" target="_top">Elastic Cloud</a>?
Kibana is enabled automatically in most templates.</p>
</div>
</div>
<p>We recommend that you install Kibana on the same server as Elasticsearch, but it&#8217;s not
required. If you install the products on different servers, you&#8217;ll
need to change the URL (IP:PORT) of the Elasticsearch server in the Kibana configuration
file, <code class="literal">kibana.yml</code>, before starting Kibana.</p>
<p>To download and install Kibana, open a terminal window and use the commands that
work with your system:</p>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#deb-rpm-linux">deb</a> for Debian/Ubuntu/Redhat/Centos/Fedora
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#kibana-mac">mac</a> for OS X
</li>
<li class="listitem">
<a class="xref" href="get-started-elastic-stack.html#kibana-win">win</a> for Windows
</li>
</ul>
</div>
<p>If this is the first time you&#8217;re starting Kibana, this command generates a
unique link in your terminal to enroll your Kibana instance with Elasticsearch.</p>
<div class="olist orderedlist">
<ol class="orderedlist">
<li class="listitem">
In your terminal, click the generated link to open Kibana in your browser.
</li>
<li class="listitem">
In your browser, paste the enrollment token that was generated in the terminal
when you started Elasticsearch, and then click the button to connect your Kibana instance
with Elasticsearch.
</li>
<li class="listitem">
Log in to Kibana as the <code class="literal">elastic</code> user with the password that was generated
when you started Elasticsearch.
</li>
</ol>
</div>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>If you need to reset the password for the <code class="literal">elastic</code> user or other
built-in users, run the <a href="/guide/en/elasticsearch/reference/8.2/reset-password.html" class="ulink" target="_top"><code class="literal">elasticsearch-reset-password</code></a> tool.
To generate new enrollment tokens for Kibana or Elasticsearch nodes, run the
<a href="/guide/en/elasticsearch/reference/8.2/create-enrollment-token.html" class="ulink" target="_top"><code class="literal">elasticsearch-create-enrollment-token</code></a> tool.
These tools are available in the Elasticsearch <code class="literal">bin</code> directory.</p>
</div>
</div>
<p><a id="deb-rpm-linux"></a><span class="strong strong"><strong>deb, rpm, or linux:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/kibana/kibana-8.2.3-linux-x86_64.tar.gz
tar xzvf kibana-8.2.3-linux-x86_64.tar.gz
cd kibana-8.2.3-linux-x86_64/
./bin/kibana</pre>
</div>
<p><a id="kibana-mac"></a><span class="strong strong"><strong>mac:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/kibana/kibana-8.2.3-darwin-x86_64.tar.gz
tar xzvf kibana-8.2.3-darwin-x86_64.tar.gz
cd kibana-8.2.3-darwin-x86_64/
./bin/kibana</pre>
</div>
<p><a id="kibana-win"></a><span class="strong strong"><strong>win:</strong></span></p>
<div class="olist orderedlist">
<ol class="orderedlist">
<li class="listitem">
Download the Kibana 8.2.3 Windows zip file from the
<a href="/downloads/kibana" class="ulink" target="_top">Kibana download</a> page.
</li>
<li class="listitem">
Extract the contents of the zip file to a directory on your computer, for
example, <code class="literal">C:\Program Files</code>.
</li>
<li class="listitem">
<p>Open a command prompt as an Administrator and navigate to the directory that
contains the extracted files, for example:</p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">cd C:\Program Files\kibana-8.2.3-windows</pre>
</div>
</li>
<li class="listitem">
<p>Start Kibana:</p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">bin\kibana.bat</pre>
</div>
</li>
</ol>
</div>
<p>For other operating systems, go to the
<a href="/downloads/kibana" class="ulink" target="_top">Kibana download</a> page.</p>
<p>To learn more about installing, configuring, and running Kibana, read the
<a href="/guide/en/kibana/current/index.html" class="ulink" target="_top">Kibana Reference</a>.</p>
<h4><a id="_access_the_kibana_web_interface"></a>Access the Kibana web interface<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h4>
<p>To access the Kibana web interface, point your browser to port <code class="literal">5601</code>. For example,
<a href="http://127.0.0.1:5601" class="ulink" target="_top">http://127.0.0.1:5601</a>.</p>
<h3><a id="install-beats"></a>Install Beats<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h3>
<p>The Beats are open source data shippers that you install as agents on your
servers to send operational data to Elasticsearch. Beats can send data directly to Elasticsearch
or via Logstash, where you can further process and enhance the data.</p>
<p>Each Beat is a separately installable product. In this guide, you learn how
to install and run Metricbeat with the <code class="literal">system</code> module enabled to collect system
metrics.</p>
<p>To learn more about installing and configuring other Beats, see the Getting
Started documentation:</p>
<div class="informaltable">
<table border="1" cellpadding="4px">
<colgroup>
<col class="col_1"/>
<col class="col_2"/>
</colgroup>
<thead>
<tr>
<th align="left" valign="top">Elastic Beats</th>
<th align="left" valign="top">To capture</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/auditbeat/8.2/auditbeat-installation-configuration.html" class="ulink" target="_top">Auditbeat</a></p></td>
<td align="left" valign="top"><p>Audit data</p></td>
</tr>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/filebeat/8.2/filebeat-installation-configuration.html" class="ulink" target="_top">Filebeat</a></p></td>
<td align="left" valign="top"><p>Log files</p></td>
</tr>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/functionbeat/8.2/functionbeat-installation-configuration.html" class="ulink" target="_top">Functionbeat</a></p></td>
<td align="left" valign="top"><p>Cloud data</p></td>
</tr>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/heartbeat/8.2/heartbeat-installation-configuration.html" class="ulink" target="_top">Heartbeat</a></p></td>
<td align="left" valign="top"><p>Availability monitoring</p></td>
</tr>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/metricbeat/8.2/metricbeat-installation-configuration.html" class="ulink" target="_top">Metricbeat</a></p></td>
<td align="left" valign="top"><p>Metrics</p></td>
</tr>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/packetbeat/8.2/packetbeat-installation-configuration.html" class="ulink" target="_top">Packetbeat</a></p></td>
<td align="left" valign="top"><p>Network traffic</p></td>
</tr>
<tr>
<td align="left" valign="top"><p><a href="/guide/en/beats/winlogbeat/8.2/winlogbeat-installation-configuration.html" class="ulink" target="_top">Winlogbeat</a></p></td>
<td align="left" valign="top"><p>Windows event logs</p></td>
</tr>
</tbody>
</table>
</div>
<h4><a id="install-metricbeat"></a>Install Metricbeat<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h4>
<p>To download and install Metricbeat, open a terminal window and use the commands
that work with your system:</p>
<p><span class="strong strong"><strong>deb:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-8.2.3-amd64.deb
sudo dpkg -i metricbeat-8.2.3-amd64.deb</pre>
</div>
<p><span class="strong strong"><strong>rpm:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-8.2.3-x86_64.rpm
sudo rpm -vi metricbeat-8.2.3-x86_64.rpm</pre>
</div>
<p><span class="strong strong"><strong>mac:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-8.2.3-darwin-x86_64.tar.gz
tar xzvf metricbeat-8.2.3-darwin-x86_64.tar.gz</pre>
</div>
<p><span class="strong strong"><strong>linux:</strong></span></p>
<div class="pre_wrapper lang-sh">
<pre class="programlisting prettyprint lang-sh">curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-8.2.3-linux-x86_64.tar.gz
tar xzvf metricbeat-8.2.3-linux-x86_64.tar.gz</pre>
</div>
<p><span class="strong strong"><strong>win:</strong></span></p>
<div class="olist orderedlist">
<ol class="orderedlist">
<li class="listitem">
Download the Metricbeat Windows zip file from the
<a href="/downloads/beats/metricbeat" class="ulink" target="_top">Metricbeat download</a> page.
</li>
<li class="listitem">
Extract the contents of the zip file into <code class="literal">C:\Program Files</code>.
</li>
<li class="listitem">
Rename the <code class="literal">metricbeat-8.2.3-windows</code> directory to <code class="literal">Metricbeat</code>.
</li>
<li class="listitem">
Open a PowerShell prompt as an Administrator (right-click the PowerShell icon
and select <span class="strong strong"><strong>Run As Administrator</strong></span>).
</li>
<li class="listitem">
<p>From the PowerShell prompt, run the following commands to install Metricbeat
as a Windows service:</p>
<div class="pre_wrapper lang-shell">
<pre class="programlisting prettyprint lang-shell">PS &gt; cd 'C:\Program Files\Metricbeat'
PS C:\Program Files\Metricbeat&gt; .\install-service-metricbeat.ps1</pre>
</div>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>If script execution is disabled on your system, set the execution policy
for the current session to allow the script to run. For example: <code class="literal">PowerShell.exe
-ExecutionPolicy UnRestricted -File .\install-service-metricbeat.ps1</code>.</p>
</div>
</div>
</li>
</ol>
</div>
<p>For other operating systems, go to the
<a href="/downloads/beats" class="ulink" target="_top">Beats download</a> page.</p>
<h4><a id="ship-system-logs"></a>Ship system metrics to Elasticsearch<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h4>
<p>Metricbeat provides pre-built modules that you can use to rapidly implement
and deploy a system monitoring solution, complete with sample dashboards and
data visualizations, in about 5 minutes.</p>
<p>In this section, you learn how to run the <code class="literal">system</code> module to collect metrics
from the operating system and services running on your server. The system module
collects system-level metrics, such as CPU usage, memory, file system, disk IO,
and network IO statistics, as well as statistics for every process
running on your system.</p>
<p><span class="strong strong"><strong>Before you begin</strong></span>: Verify that Elasticsearch and Kibana are running and that Elasticsearch is
ready to receive data from Metricbeat.</p>
<p>To set up the <code class="literal">system</code> module and start collecting system metrics:</p>
<div class="olist orderedlist">
<ol class="orderedlist">
<li class="listitem">
<p>From the Metricbeat install directory, enable the <code class="literal">system</code> module:</p>
<p><span class="strong strong"><strong>deb and rpm:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">sudo metricbeat modules enable system</pre>
</div>
<p><span class="strong strong"><strong>mac and linux:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">./metricbeat modules enable system</pre>
</div>
<p><span class="strong strong"><strong>win:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">PS C:\Program Files\Metricbeat&gt; .\metricbeat.exe modules enable system</pre>
</div>
</li>
<li class="listitem">
<p>Set up the initial environment:</p>
<p><span class="strong strong"><strong>deb and rpm:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">sudo metricbeat setup -e</pre>
</div>
<p><span class="strong strong"><strong>mac and linux:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">./metricbeat setup -e</pre>
</div>
<p><span class="strong strong"><strong>win:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">PS C:\Program Files\Metricbeat&gt; metricbeat.exe setup -e</pre>
</div>
<p>The <code class="literal">setup</code> command loads the Kibana dashboards. If the dashboards are already
set up, omit this command. The <code class="literal">-e</code> flag is optional and sends output to
standard error instead of syslog.</p>
</li>
<li class="listitem">
<p><a id="gs-start-metricbeat"></a>Start Metricbeat:</p>
<p><span class="strong strong"><strong>deb and rpm:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">sudo service metricbeat start</pre>
</div>
<p><span class="strong strong"><strong>mac and linux:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">./metricbeat -e</pre>
</div>
<p><span class="strong strong"><strong>win:</strong></span></p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">PS C:\Program Files\Metricbeat&gt; Start-Service metricbeat</pre>
</div>
</li>
</ol>
</div>
<p>Metricbeat runs and starts sending system metrics to Elasticsearch.</p>
<h4><a id="visualize-system-metrics"></a>Visualize system metrics in Kibana<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h4>
<p>To visualize system metrics, open your browser and navigate to the Metricbeat
system overview dashboard: <a href="http://localhost:5601/app/kibana#/dashboard/Metricbeat-system-overview-ecs" class="ulink" target="_top">http://localhost:5601/app/kibana#/dashboard/Metricbeat-system-overview-ecs</a></p>
<div class="tip admon">
<div class="icon"></div>
<div class="admon_content">
<p>If you don’t see data in Kibana, try changing the date range to a larger
range. By default, Kibana shows the last 15 minutes. If you see errors, make
sure Metricbeat is running, then refresh the page.</p>
</div>
</div>
<p>Click <span class="strong strong"><strong>Host Overview</strong></span> to see detailed metrics about the selected host.</p>
<h4><a id="whats_next"></a>What&#8217;s next?<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/stack-docs/edit/8.2/docs/en/getting-started/get-started-stack.asciidoc">edit</a></h4>
<p>Congratulations! You&#8217;ve successfully set up the Elastic Stack and securely connected
Kibana with Elasticsearch. You learned how to stream system metrics to Elasticsearch and visualize
the data in Kibana.</p>
<p>Next, you&#8217;ll want to <a href="/guide/en/kibana/8.2/managing-licenses.html" class="ulink" target="_top">activate your trial license</a>
to unlock the full capabilities of the Elastic Stack.</p>
<p>Want to get up and running quickly with metrics monitoring and
centralized log analytics? Try out the Metrics app and the Logs app in Kibana.
For more details, see
<a href="/guide/en/observability/8.2/analyze-metrics.html" class="ulink" target="_top">Analyze metrics</a> and
<a href="/guide/en/observability/8.2/monitor-logs.html" class="ulink" target="_top">Monitor logs</a>.</p>
<p>Later, when you&#8217;re ready to set up a production environment, also see the
<a href="/guide/en/elastic-stack/8.2/installing-elastic-stack.html" class="ulink" target="_top">Elastic Stack Installation and Upgrade
Guide</a>.</p>
</div>
<div class="navfooter">
<span class="prev">
</span>
<span class="next">
<a href="get-started-stack-docker.html">Running the Elastic Stack ("ELK") on Docker »</a>
</span>
</div>
</div>

                  <!-- end body -->
                </div>

                <div class="col-12 order-3 col-lg-2 order-lg-3 h-almost-full-lg sticky-top-lg" id="right_col">
                  <div id="sticky_content">
                    <!-- The OTP is appended here -->
                    <div class="row">
                      <div class="col-0 col-md-4 col-lg-0" id="bottom_left_col"></div>
                      <div class="col-12 col-md-8 col-lg-12">
                        <div id="rtpcontainer">
                          <div class="mktg-promo" id="most-popular">
                            <p class="aside-heading">Most Popular</p>
                            <div class="pb-2">
                              <p class="media-type">Video</p>
                              <a href="https://www.elastic.co/webinars/getting-started-elasticsearch?baymax=default&elektra=docs&storm=top-video">
                                <p class="mb-0">Get Started with Elasticsearch</p>
                              </a>
                            </div>
                            <div class="pb-2">
                              <p class="media-type">Video</p>
                              <a href="https://www.elastic.co/webinars/getting-started-kibana?baymax=default&elektra=docs&storm=top-video">
                                <p class="mb-0">Intro to Kibana</p>
                              </a>
                            </div>
                            <div class="pb-2">
                              <p class="media-type">Video</p>
                              <a href="https://www.elastic.co/webinars/introduction-elk-stack?baymax=default&elektra=docs&storm=top-video">
                                <p class="mb-0">ELK for Logs & Metrics</p>
                              </a>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </section>

        </div>


<div id='elastic-footer'></div>
<script src='https://www.elastic.co/elastic-footer.js'></script>
<!-- Footer Section end-->

      </section>
    </div>

<script src="/guide/static/jquery.js"></script>
<script type="text/javascript" src="/guide/static/docs.js"></script>
<script type="text/javascript">
  window.initial_state = {}</script>
  </body>
</html>