Docs / Databases / How to Set Up the ELK Stack on Linux

How to Set Up the ELK Stack on Linux

By Admin · Mar 1, 2026 · Updated Apr 23, 2026 · 27 views · 1 min read

How to Set Up the ELK Stack on Linux

The ELK Stack (Elasticsearch, Logstash, Kibana) provides centralized log management and visualization for your Breeze infrastructure.

Install Elasticsearch

Follow the Elasticsearch installation for your Breeze, then configure it for single-node mode:

sudo apt install elasticsearch -y
sudo systemctl enable --now elasticsearch

Install Logstash

Logstash ingests and transforms log data:

sudo apt install logstash -y

Create a pipeline at /etc/logstash/conf.d/syslog.conf:

input {
  file {
    path => "/var/log/syslog"
    start_position => "beginning"
  }
}
filter {
  grok {
    match => { "message" => "%{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:host} %{DATA:program}: %{GREEDYDATA:log_message}" }
  }
}
output {
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "syslog-%{+YYYY.MM.dd}"
  }
}

Install Kibana

sudo apt install kibana -y
sudo systemctl enable --now kibana

Edit /etc/kibana/kibana.yml to bind to localhost:

server.host: "127.0.0.1"
elasticsearch.hosts: ["http://localhost:9200"]

Access Kibana

  • Set up an Nginx reverse proxy to expose Kibana securely
  • Create index patterns in Kibana matching syslog-*
  • Build dashboards to visualize log trends across your Breeze fleet

The ELK Stack transforms raw logs into actionable insights for your Breeze operations.

Was this article helpful?

Related Articles