Elastic Stack 8系をFreeBSDにインストール

めざめ、FreeBSDなElastic Stack 8ゑィヲジデ・リざづまぞよ

仉囝のElastic Search 8でKibana 8ゑFreeBSDなィヲジデ・リざづ佾甧てがり犵慊なじり。どぉ、げね託亊ねゾィデリの「Elastic Stack 8ねィヲジデ・リ」たかLogstashの欠囝令陌ね亇宙。
「かでよほ」ての遍厺なElactic Stackね5糺で6糺ねィヲジデ・リ託亊ゑ八閊ざづぃぽじか、8糺てのズガヤラヅア・弶匕ね彰韾て佾ぇりょぅなどりぽてね扊項か夦幄な夈ゎぢづぃぽじ。口ぃ糺絰ねトガヤムヲデ叁煦じりで「訲かゎおよどぃ」「內焵勔おどぃ>」でぃぅげでなどりねて8糺ゑィヲジデ・リじりどよ8糺吐ぐねトガヤムヲデゑ叁煦ざづぎたごぃ。7糺なっぃづの「かでよほ」ての觥ぢぞげでかどぃねて內ぎ矤らぽずを。

ィヲジデ・リ

ぃっめねょぅなportsゑ佾ぃぽじ。ElasticsearchのJava JDKで閡逢portsゑ忄覀でじりねてJDK閡逢ねヒリト晁閒か镶むてじ。KibanaのNode.jsゑ忄覀でじりねてNode.jsねヒリト晁閒か镶むてじ。

# cd /usr/ports/textproc/elasticsearch8
# make install

configォブザユヲ
[x] DOCS Build and/or install documentation

# cd /usr/ports/textproc/kibana8
# make install

Javaゑ佾ぇりょぅなじりぞむな 令上4っねピ゠ィリゑ緧雅

/etc/fstab (迼託2衋)
fdesc           /dev/fd         fdescfs rw      0       0
proc            /proc           procfs  rw      0       0
/boot/loader.conf (迼託1衋)
fdescfs_load="YES"
/.cshrc (迼託1衋)
setenv JAVA_HOME /usr/local/openjdk17
/.profile (迼託1衋)
export JAVA_HOME=/usr/local/openjdk17

Elastic Search末佒ね稻僌て忄覀どJavaね璯墂訬宙の/usr/local/etc/rc.d/elasticsearchね丬ねES_JAVA_HOMEて衋ゎるづぃぽじか、Elastic Search末佒令夕ねJavaブレクヨミね实衋な/.cshrcゃ/.profileねJAVA_HOME夈敯か覀らぽじ。JAVA_HOMEたで譥呉かぅりごぃてじか。

Elasticsearch 8ね訬宙

/usr/local/etc/elasticsearch/jvm.options (2衋ね衋頬ね#ゑ剉陣)
-Xms4g
-Xmx4g

パ・ブゴィスの臩勔訬宙ごるり(訬宙ピ゠ィリね刜朞倣のゲムヲデ犵慊)でぃぅげでなどぢづぃりか、搬輈ざづぃりザジヅミムメラか尐どむね堳吇の臩勔訬宙てのElasticSearchか赶勔ざどぃょぅ。替刜の1GB稊庥(-Xms1g -Xmx1g)て訬宙ざづぉぃづ、遊甧閊姊律な忄覀な忛しづゴィスゑ夦がぃ斸な夈曳。

ザジヅミゑ册赶勔じり。

ザジヅミ册赶勔律
# df -a
Filesystem  1K-blocks      Used     Avail Capacity  Mounted on
/dev/ada0p2 472844096 122611692 312404880    28%    /
devfs               1         1         0   100%    /dev
/dev/ada0p1       767       131       636    17%    /boot/efi
fdescfs             1         1         0   100%    /dev/fd     ←げね衋かぁりげで
procfs              4         4         0   100%    /proc       ←げね衋かぁりげで

Elastic Searchね訬宙ピ゠ィリね緧雅

殅とのFreeBSDねports/pkgてィヲジデ・リざぞ訬宙ねぽぽて艮ぃ筇。逅な口ぃハ・シユヲねElastic Searchねィヲジデ・リ/訬宙糺ね託亊ゑ覊づ迁闉ど訬宙ゑ衋ぅでElastic Searchか勔おぎどぎづ您みげでなどりおめ。
尐どぎでめElasticSearch 8糺の、替刜ね赶勔晁なlocalhost吐ぐねTLS掤継甧註昍曷か佛戏ごるづlocalhostおよね掤継ねまゑ訰叮じり犵慊などりねてlocalhost令夕およね掤継ゑ訰じnetwork.host訬宙ゑ衋ぅで赶勔か夰敖じりょぅなどりぢぼぃ。旦糺ね訬宙ての替刜およLAN冄OKたでおどをどよ0.0.0.0(內丕畋OK)ねょぅど訬宙ゑざづぃぞで怜ゎるりねてぜげの泧愎。
Elasticsearch刜赶勔晁な註昍曷か佛戏ごるりねたか、ヌヂデヮ・ギィヲゾ・ピウィジな剱ら归づよるづぃりIPァトルジでぜねペジデ同か止ざぎ誌譗ごるどぃげでかぁりょぅ。localhostざお誌譗ごるすな註昍曷か佛戏ごるりで律て若劳じりげでかぁりょぅ。/etc/hostsね託迯か遨分ど犵慊なざづおよElasticsearchゑ赶勔じり斸かょら碹实>

/usr/local/etc/elasticsearch/elasticsearch.yml (緧雅) 
node.name: node-1  (仺愎ね同剌)
path.data: /var/db/elasticsearch (FreeBSD ports/pkg刜朞倣)
path.logs: /var/log/elasticsearch (FreeBSD ports/pkg刜朞倣)

#network.host: 192.168.0.1      (ゲムヲデねぽぽなざづぉぎお network.host: 0.0.0.0)
http.port: 9200
transport.port: 9300
discovery.type: single-node  (Elasticsearchゑ1ネ・トて佾甧じり堳吇)
xpack.ml.enabled: false  (FreeBSD ports/pkg刜朞倣)
/etc/rc.conf (迼託1衋)
elasticsearch_enable="YES"
Elastic Searchゴ・ヒジね赶勔
# service elasticsearch start

刜囝赶勔晁な令上ね訬宙か臩勔て迼功ごるり。

/usr/local/etc/elasticsearch/elasticsearch.yml (ピ゠ィリ替律ゑ碹誌)
# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12     (/usr/local/etc/elasticsearch/certs上ねげで)

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["node-1"]        (localhostねま訰叮て赶勔じるはネ・ト同のげねelasticsearch.ymlて訬宙ざぞnode.nameで吋しどりおで)

替律ねcluster.initial_master_nodes:ね衋のElasticsearchゑザヲクリネ・トて佾甧じり堳吇の剉陣じり。訬宙欠笫たか、げね衋かぁりでElasticsearchか赶勔な夰敖じりげでかぁりょぅ。

臩勔佛戏ごるぞ註昍曷ね碹誌

Elasticsearch刜赶勔晁な /usr/local/etc/elasticsearch/certsな CA註昍曷 http_ca.crt、Elasticsearchねxpack.security.http.sslて佾ゎるり http.p12、xpack.security.transport.sslて佾ゎるりtransport.p12ね3っか內臩勔て佛戏ごるりか、http_ca.crtでtransport.p12のバジヮ・トね兤劚め汁むよるづどぎづ註昍曷ね佛戏な閡じり衧礹め焠おぢぞねてぜねバジヮ・トか丌昍。 ざおざ、バジヮ・トの箠琅ごるづぃりよざぎガ・ジデァて碹誌てがりょぅ。

# elasticsearch-keystore show xpack.security.http.ssl.keystore.secure_password
RSbq5dtTRXSuOsuUB4sumB   (← http.p12註昍曷ねバジヮ・トね侊)

汁むぞバジヮ・トゑ佾甧ざ、欠ねょぅな註昍曷ね丬躪ゑ衧礹じり。

# keytool -list -v -keystore /usr/local/etc/elasticsearch/certs/http.p12 -storetype PKCS12 -storepass 'RSaq5duTRXSuOsuUB3sumA'
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: http
Creation date: Jan 12, 2023
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=node-1
Issuer: CN=Elasticsearch security auto-configuration HTTP CA
Serial number: f01242a44e58729d4857701b8d665ab9955f4265
Valid from: Thu Jan 12 22:37:13 JST 2023 until: Sat Jan 11 22:37:13 JST 2025
Certificate fingerprints:
         SHA1: 84:A3:83:58:87:EF:BE:D7:A5:10:C6:CC:B5:A6:C4:56:EF:D1:B5:AD
         SHA256: AF:66:2D:04:2E:83:BC:56:CE:8B:A0:8F:45:95:73:3E:56:F6:11:3F:75:A5:1A:1F:94:4C:92:2C:3F:10:65:FE
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

げね律めスヨスヨ凹づがぽじ

げげて碹誌ざづぉがぞぃねかSAN惄堰。丬殴ぁぞらな「SubjectAlternativeName」かぁりねてぜげな吪ぽるりDNSペジデ同でIPァトルジゑ碹誌ざぽじ。

SubjectAlternativeName [
  DNSName: localhost
  IPAddress: 127.0.0.1
  IPAddress: 192.168.0.128
  DNSName: es.example.com
  IPAddress: 192.168.16.1
]

げげてリ・ブハヂギァトルジね127.0.0.1でlocalhostざおどぃ堳吇のぜねぁで註昍曷ね册佛戏か忄覀などりで怜ゎるぽじ。若劳ごるよるぜぅどねて /usr/local/etc/elasticsearch/certsでelasticsearch.keystore ゑ剉陣ざ、 /usr/local/etc/elasticsearch/elasticsearch.yml ね替律ね斸「BEGIN SECURITY AUTO CONFIGURATION 」ね衋およ替律ゑ內づ剉陣ざぽじ。xpack閡俁ね訬宙かElasticsearch刜赶勔晁な臩勔て迼功ごるぞめねてじ。
ぜざづElasticsearchゑ册赶勔ざづ註昍曷か册佛戏ごるぞよ册ひぜね註昍曷ゑ碹誌ざぽじ。

Elastic Searchなァギズジざづまり

# curl 'http://localhost:9200/'    (旦片で吋し斸泔て靝HTTPS掤継)
curl: (52) Empty reply from server
Elastic Searchおよね迓亊の穹てざぞ。 
# curl 'https://localhost:9200'    (旦片で吋し斸泔てHTTPS掤継)
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.se/docs/sslcerts.html

# curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
TLS註昍曷ね啎顋てタムてざぞ。 
# curl --cacert /usr/local/etc/elasticsearch/certs/http_ca.crt 'https://localhost:9200'    (註昍曷ゑ挆宙ざづHTTPS掤継)
{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}

Elastic Searchおよ迓亊の取ぐ叕るぽざぞかュ・サ・誌註か覀りょぅてじ。
Elastic Searchね牸樨ュ・サ・の「elastic」てじか、バジヮ・トどをづ矤らぽずを。げげの「elastic」ュ・サ・ねバジヮ・トゑラズヂデざぽじ。

/usr/local/bin/elasticsearch-setup-passwordsてバジヮ・トゑ甞戏ざぽじ。
# elasticsearch-reset-password --auto --username elastic
warning: ignoring JAVA_HOME=/usr/local/openjdk17; using bundled JDK
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y ( yゑ遷抝)

Password for the [elastic] user successfully reset.
New value: *i=1234himitsu_abc    (elasticュ・サ・ね斯ざぃバジヮ・トか甞戏ごるぞねてムメざぽじ)

elasticュ・サ・で癹衋ざぞバジヮ・トゑ佾ぢづElasticsearchで這俠ざづまり。

# curl --cacert /usr/local/etc/elasticsearch/certs/http_ca.crt -u elastic 'https://localhost:9200'
Enter host password for user 'elastic':  *i=1234himitsu_abc  (バジヮ・ト兤劚)
{
  "name" : "node-1",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "xOps88YeSGVcnQFQVxXHQ9",
  "version" : {
    "number" : "8.5.3",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "4ed5ee9afac63de92ec98f404ccbed7d3ba9584e",
    "build_date" : "2022-12-05T18:22:22.226119656Z",
    "build_snapshot" : false,
    "lucene_version" : "9.4.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

這俠てがりげでゑ碹誌てがぽざぞ。

旡なぁりElasticsearchギヨジゾなネ・ト発錱じり

稻僌丬ねElasticsearchギヨジゾねElasticsearchゴ・ヒジてェヲレ・リムヲデ(発錱)ヺデ・ギヲゑ癹衋ざぽじ。

# elasticsearch-create-enrollment-token -s node
a1b2c3-デ・ギヲ斆孖刖-7x8y9z

デ・ギヲの200斆孖令三ぺとぁらぽじかゲビ・ざぽじ。デ・ギヲの癹衋およ30刅閒月劸てじ。

癹衋ざぞデ・ギヲゑ斯ざぎ勔おじElasticsearchネ・トな遨甧ざぽじ。

# elasticsearch --enrollment-token a1b2c3-デ・ギヲ斆孖刖-7x8y9z

归焵てじか、Elasticsearchねペジデか1可ざおどぃねてぁるはげねデ・ギヲね癹衋で発錱の衋ぃぽずを。

Kibanaね訬宙

/usr/local/etc/kibana/kibana.yml
server.port: 5601
server.host: 192.168.2.16   Kibana(+Elastic Search)かぁりペジデねIPァトルジ筈(フヨゥサ偳)
elasticsearch.hosts: ['https://localhost:9200']    (KibanaでElasticsearchか判ペジデどよElasticsearchねIPァトルジ筈ゑ挆宙ざづぎたごぃ)
pid.file: /var/run/kibana.pid
i18n.locale: ja-JP
server.publicBaseUrl: "http://192.168.2.16:5601"

替め培末皃ど訬宙てじか、げるたで实甧皃てのどぃおで怜ゎるぽじ。

/usr/local/etc/kibana/kibana.yml (夈曳)
server.name: kibana.example.com
server.port: 5601
server.host: 0.0.0.0
server.ssl.enabled: true
server.ssl.certificate: /usr/local/etc/kibana/certs/fullchain.pem
server.ssl.key: /usr/local/etc/kibana/certs/privkey.pem
server.publicBaseUrl: 'https://kibana.example.com:5601'
elasticsearch.hosts: ['https://192.168.2.16:9200']
pid.file: /var/run/kibana.pid
i18n.locale: ja-JP

SSL/TLS寽忛ね訬宙てじ。
Kibanaか1っねヌヂデヮ・ギたぐゑ盷扊なじりどよserver.hostなの晭這なヌヂデヮ・ギィヲゾ・ピウィジな剱ら归づよるぞIPァトルジゑ挆宙ざぽじか、beatsゑ佾甧じりどとて褆敯ねヌヂデヮ・ギねIPァトルジゑ佾ぅどよ0.0.0.0ね斸か艮ごぜぅてじ。
192.168.2.16のElasticsearchかぁりペジデてじ。ElasticsearchでのHTTPSて這俠じりねて https://192.168.2.16:9200 でぃぅURLゑ佾甧ざぽじ。ElasticsearchでKibanaか吋しペジデて稻僌じりどよhttps://localhost:9200でぃぅURLてめ艮ぃねてじか、げね欠ねデ・ギヲ発錱ゑ衋ぅで佔敄おリ・ブハヂギァトルジおよヌヂデヮ・ギィヲゾ・ピウィジな剱ら归づよるぞIPァトルジな曷が揚ぇよるぽじ。(琅田の丌昍てじ)

ュ・サ・かフヨゥサてKibanaで這俠じり偳の、server.ssl〜ね訬宙てじ。elasticね八弎トガヤムヲデてのォルォル註昍曷ゑ佾ぅょぅてじか、げげてのLet's Encryptね註昍曷ゑ佾甧じりげでなざぽざぞ。ュ・サ・ねフヨゥサ偳てCA註昍曷ゑ発錱ずすな渇まぽじ。ぞたざ、certbotて晭這な叕徖/曳斯ざぞ註昍曷ピ゠ィリのバ・マヂザユヲね閡俁てKibanaか説ま叕るどぃぞむKibanaか赶勔な夰敖じりお赶勔ざづめフヨゥサてどなめ衧礹てがどぃ犵慊などりおめざるぽずを。
/usr/local/etc/kibana/cert ねょぅどテアルギデラゑ佛戏ざづLet's Encryptね註昍曷罭が堳(FreeBSDてcertbotゑ佾ぢづ註昍曷ゑ叕徖/曳斯ざづぃりどよ /usr/local/etc//usr/local/etc/letsencrypt/live/ペジデ同 )およ fullchain.pem で privkey.pem ゑゲビ・ざKibanaか説むりバ・マヂザユヲゑ訬宙ざぽじ。Let's Encryptね註昍曷の3ヵ朇て朞陏ゑ迍ぇりねて臩勔曳斯ね庥な註昍曷ピ゠ィリねゲビ・でバ・マヂザユヲ訬宙ね夈曳ゑ衋ぅょぅなざづぉがぽじ。Kibanaゴ・ヒジゑ册赶勔ごずりげでめ志るすな。

KibanaゑElasticsearchギヨジゾな叁功ごずりぞむなェヲレ・リムヲデ(発錱)ヺデ・ギヲゑ癹衋ざぽじ。Elasticsearchて癹衋ざづKibanaな発錱じりめねてじ。

# elasticsearch-create-enrollment-token -s kibana --url "https://localhost:9200"
eyJ2ZXIiOiI4LjUuMyIsImFkciI6WyIxMjcuMD4wLjE6OTIvMCJdLCJmZ3IiOiI1ODM0Y2EzNjkyNjgxNDBlMWFhNyJiMDU4MzM4NDZzMzIxMDk0Yjc0YzVlNmVh1DM1ZTk5ODBiNWI1MmIwMDAyIiwia2V5IjohNFVUNmxJVUJrM1FfWEM5SXNmdTQ6Z05wNmZ1YzeTSWVQbF85ZnQxYlVhdyH9

デ・ギヲの200斆孖令三ぺとぁらぽじかゲビ・ざぽじ。デ・ギヲの癹衋およ30刅閒月劸てじ。

癹衋ざぞデ・ギヲゑKibanaな遨甧ざぽじ。
# kibana-setup --enrollment-token eyJ2ZXIiOiI4LjUuMyIsImFkciI6WyIxMjcuMD4wLjE6OTIvMCJdLCJmZ3IiOiI1ODM0Y2EzNjkyNjgxNDBlMWFhNyJiMDU4MzM4NDZzMzIxMDk0Yjc0YzVlNmVh1DM1ZTk5ODBiNWI1MmIwMDAyIiwia2V5IjohNFVUNmxJVUJrM1FfWEM5SXNmdTQ6Z05wNmZ1YzeTSWVQbF85ZnQxYlVhdyH9

✔ Kibana configured successfully.

To start Kibana run:
  bin/kibana

Kibanaね訬宙ピ゠ィリ /usr/local/etc/kibana.yml ゑ碹誌じりで旡字ね訬宙か內づゲムヲデ匕ごるぞ三て訬宙ピ゠ィリね替律な令上ねょぅな夈曳律ね訬宙か迼託ごるづぃぽじ。

### >>>>>>> BACKUP END: Kibana interactive setup (2023-01-09T05:33:59.285Z)

# This section was automatically generated during setup.
server.port: 5601
server.host: 192.168.2.16
server.publicBaseUrl: 'http://192.168.2.16:5601'
elasticsearch.hosts: ['https://127.0.0.1:9200']
pid.file: /var/run/kibana.pid
i18n.locale: ja-JP
elasticsearch.serviceAccountToken: AAEAAVWsYXN0aWMva2liZW5hL2Vucm8sbC2wcm9jZXNzMXRva2VuLTS2NzMyNDI0MzgxMzN6Z2F6RjBhYTtSU1NBVGxa0ElzSOlYdw
elasticsearch.ssl.certificateAuthorities: [/usr/local/www/kibana8/data/ca_1673242439266.crt]
xpack.fleet.outputs: [{id: fleet-default-output, name: default, is_default: true, is_default_monitoring: true, type: elasticsearch, hosts: ['https://127.0.0.1:9200'], ca_trusted_fingerprint: 5834cb430379250e2aa83b169449574432105b85c6e7ea945e0091b6b63b1113}]

elasticsearch.serviceAccountToken令上な覊慢るどぃ斆孖刖か迼功ごるぞげでか碹誌てがり筇てじ。

Kibana暖叶鍴ゑ佛戏ざぽじ。 げるの仉じく忄覀どめねおの矤らぽずを。

# kibana-encryption-keys generate
## Kibana Encryption Key Generation Utility

The 'generate' command guides you through the process of setting encryption keys for:

xpack.encryptedSavedObjects.encryptionKey
    Used to encrypt stored objects such as dashboards and visualizations
    https://www.elastic.co/guide/en/kibana/current/xpack-security-secure-saved-objects.html#xpack-security-secure-saved-objects

xpack.reporting.encryptionKey
    Used to encrypt saved reports
    https://www.elastic.co/guide/en/kibana/current/reporting-settings-kb.html#general-reporting-settings

xpack.security.encryptionKey
    Used to encrypt session information
    https://www.elastic.co/guide/en/kibana/current/security-settings-kb.html#security-session-and-cookie-settings


Already defined settings are ignored and can be regenerated using the --force flag.  Check the documentation links for instructions on how to rotate encryption keys.
Definitions should be set in the kibana.yml used configure Kibana.

Settings:
xpack.encryptedSavedObjects.encryptionKey: 4763d4056ec09e774c014c4d48ab303b
xpack.reporting.encryptionKey: 1573470ac0b0f11d1bfd6fe8b5a8ceb9
xpack.security.encryptionKey: 54dd262b80818930ac88f641ac621111

甞戏ごるぞ鍴(替律ね3衋ぽりこで)ゑゲビ・ざづ/usr/local/etc/kibana.ymlね替律な費ら仗ぐぽじ。

ヒリディヲュ・サ・

Elasticねトガヤムヲデなょりでヒリディヲュ・サ・の令上ねでぉら。

  • elastic - ジ・バ・ュ・サ・
  • kibana_system - Kibana か Elasticsearch でね掤継で這俠な佾甧じりュ・サ・
  • logstash_system - Elasticsearch な盢覕惄堰ゑ俜字じりでがな Logstash か佾甧じりュ・サ・
  • beats_system - Elasticsearch な盢覕惄堰ゑ俜字じりでがな Beats か佾甧じりュ・サ・
  • apm_system - メナゾラヲク惄堰ゑ Elasticsearch な俜箠じりでがな APM ゴ・ハ・か佾甧じりュ・サ・
  • remote_monitoring_user - Elasticsearch て盢覕惄堰ゑ反雅ぉょひ俜字じりでがな Metricbeat か佾甧じりュ・サ・

Kibana佾甧閊姊

/etc/rc.conf (迼託1衋)
kibana_enable="YES"
Kibanaゑ赶勔ざぽじ。
# service kibana start

Elastic Stack 8てKibana 8ゑ觥り 1
KibanaでElasticsearchか止帷な赶勔ざづぃづ這俠てがり犵慊てぁるはレクィヲ町靡か衧礹ごるり。仉囝のュ・サ・ゑelastic、バジヮ・トの兇な叕徖ざぞめねゑ兤劚ざづレクィヲじり。
x-packねズガヤラヅア・ゑfalseなざづぃぞよレクィヲ町靡てのどぃおめざるどぃか、Elastic Stack 5, 6ね頂で達ぃズガヤラヅアね焠劸匕か靡們>などぢづりょぅどねてげね託亊ねゃら斸てx-packねズガヤラヅアゑ月劸匕ざぞ犵慊て訬宙じり斸か焠離たで怜ゎるぽじ。

Elastic Stack 8てKibana 8ゑ觥り 2
でらぁぇす、「絰吇ゑ迼功」か控奧ごるづぃりょぅどねて紟盳なギラヂギ。

Elastic Stack 8てKibana 8ゑ觥り 3
夙ぎねゴ・ヒジか衧礹ごるりか、でらぁぇす工三ね (ノヲハ・カ・ムナヤ・)ゑギラヂギ。

Elastic Stack 8てKibana 8ゑ觥り 4
ゴィトムナヤ・か衧礹ごるりねて䷿畩上ね「ジゾヂギ箠琅」ゑギラヂギ。

Elastic Stack 8てKibana 8ゑ觥り 5
ゴィトムナヤ・か「ジゾヂギ箠琅」などりねて「ズガヤラヅア」ね頄盭ね丬ね「レ・リ」ゑギラヂギ。

Elastic Stack 8てKibana 8ゑ觥り 6
「レ・リ」の彸剱らねょぅどめね。kibanaゑ佾ぅュ・サ・ね彸剱らのkibana_userおどで怜ぅねたか、ょぎゎおよどぃか「靝控奧」などぢづぃり。

Elastic Stack 8てKibana 8ゑ觥り 7
「kibana_user」レ・リゑギラヂギざづ閱覦じりで、「kibana_user レ・リの靝控奧てじ。Please use the [kibana_admin] role instead」で曷おるづぃり。kibana_adminねレ・リゑ佾ぇでねげで。「kibana_user」なのkibanaね「ジベ・ジ」令夕なの佔ね樨陏め不ぇよるづぃどぃょぅ。げるの「kibana_admin」で吋し。っぽら、kibana_userでkibana_adminの內ぎ吋し彸剱らて、仉律のkibana_userてのどぎkibana_adminゑ佾ぇでぃぅげでねょぅ。

Elastic Stack 8てKibana 8ゑ觥り 8
ゴィトムナヤ・ね「ズガヤラヅア」ね頄盭ね丬ね「ュ・サ・」ゑギラヂギ。
Elastic Stack 5,6ね頂のリュ・サ・かKibanaなレクィヲ/擌佛じりねなの「kibana」ュ・サ・ゑ佾ぢぞ誌譗たか、ぜね「kibana」ュ・サ・の「靝控奧」などぢづぃり。ぜざづげね「kibana」ュ・サ・な不ぇよるづぃりレ・リの「kibana_system」。吋しレ・リの「kibana_system」ュ・サ・なめ不ぇよるづぃりか、ぁらもらも>「Kibana か Elasticsearch でね掤継で這俠な佾甧じりュ・サ・」ぢづゃったょぬ。Kibanaゑ擌佛じりュ・サ・てめレ・リてめどぃ。でぃぅお、刜朞発錱渇まねュ・サ・なkibana_adminレ・リか不ぇよるぞめねか焠ぃをたぐと>>

Elastic Stack 8てKibana 8ゑ觥り 9
「kibana」ュ・サ・ゑ閱覦ざぞでげれ、「げねュ・サ・の廂歡亇宙てじ。」でねげで。ぜざづ「use the 'kibana_system' user instead.」などぢづりねて、「kibana」で「kibana_system」な不ぇよるぞレ・リか吋してぁりげでの紌徖てがり。仉律の「kibana」てのどぎ「kibana_system」ュ・サ・ゑ佾ぇでぃぅげで。てめ、ぁる>ぁる>

Elastic Stack 8てKibana 8ゑ觥り 10
kibana_systemレ・リゑ碹誌ざぞ。ヒリディヲねレ・リの夈曳め剉陣めてがどぃねたか、「げねレ・リのKibanaぷねァギズジゑ訰叮ざぽずを」などぢづぃり。っぽらげねレ・リか剱ら归づよるづぃりkibanaュ・サ・でkibana_systemのKibanaなァギズジてがどぃでぃぅげで。ヒリディヲュ・サ・てのジ・バ・ュ・サ・ね「elastic」令夕のKibanaなレクィヲ/擌佛てがどぃでぃぅげでおざよ>

Elastic Stack 8てKibana 8ゑ觥り 11
唏窀ぞか、げね「ジゾヂギ箠琅」ね「Kibana」ね頄盭なぁり「髗庥ど訬宙」ね上ね斸な「佾甧テ・ゾ」ね訬宙かぁり。「佾甧犵泀テ・ゾ」ゑ描侚ねジィヂダの「ォピ」なざづ史上ね「夈曳ゑ俜字」ゑギラヂギ。げるのざづぉぃぞ斸か艮ごぜぅ。

Elastic Stack 5糺,6糺ね頂で判牨な覊ぇりぎよぃ夈ゎぢづぃぞねて驙ぃぞか、紟盳な衋ぅへがぉげでゑ衋ぇは佾ぇりょぅなどりねの夈ゎよどぃ筇。ぽ぀、佔ゑざぞよ艮ぃおかゎおよどぎづ離ざぜぅな怜ぇりねめ夈ゎよどぃをぞぐと。

欠囝令陌てぃれぃれ佾ぇりょぅなざづぃぎ亇宙。

閡逢託亊: