Services
- Elasticsearch (search engine & storage)
- Kibana (web UI for visualization)
- Logstash (data processing pipeline)
Accessing Services
- Kibana Web UI:
http://<server-ip>:5601 - Elasticsearch API:
http://<server-ip>:9200 - Elasticsearch Internal Cluster Communication: 127.0.0.1:9300
Credentials
- Username:
elastic - Password: stored in
/root/.cloudzy-creds
Important Directories
- Config:
/etc/{service}/ - Data:
/var/lib/{service}/ - Logs:
/var/log/{service}/ - Binaries:
/usr/share/{service}/bin/ - Plugins (Elasticsearch and Kibana):
/usr/share/{elasticsearch|kibana}/plugins/
Service Management
systemctl status <service> # Check status
systemctl restart <service> # Restart
systemctl stop <service> # Stop
systemctl start <service> # Start
Replace <service> with elasticsearch, kibana, or logstash.
System Users
elasticsearch– runs Elasticsearch servicekibana– runs Kibana servicelogstash– runs Logstash service
Logstash Pipeline Usage
Run pipelines as logstash user, not root:
sudo -u logstash /usr/share/logstash/bin/logstash -e 'input { stdin { } } output { stdout { } }'