How to install Elasticsearch

Elasticsearch is a free open-source analytics application capable of storing and recalling big data in real-time. It’s a great option for anyone searching through large amounts of data on a regular basis. Elasticsearch can also be installed along with Logstash, Kibana, and Beats for a powerful security information and event management (SIEM) application called the Elastic Stack, or ELK Stack.

Even when not accompanied by the rest of the ELK Stack, it may be preferred over the popular ArcSight and Splunk SIEM tools because of the price (free) and Elasticsearch integrations for many popular web applications today including Drupal, Ansible, and Wireshark.

In this article, we’ll cover how to:

Get the best in security and performance without the high price with our Managed Linux VPS Hosting.

Installing Elasticsearch

The easiest way to install Elasticsearch is from their repositories instead of the OS default repos. This is still an easier option compared to a manual installation and ensures you’ll be able easily keep Elasticsearch updated.

Install Elasticsearch on CentOS

  1. SSH into your server as root.
  2. Download the Elasticsearch PGP key:
    rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch 
  3. Create an elasticsearch.repo file in /etc/yum.repos.d/ using Nano, VIM, or Emacs:
    nano /etc/yum.repos.d/elasticsearch.repo
  4. Add the following to the file:
    [elasticsearch]name=Elasticsearch repository for 7.x packages
    baseurl=https://artifacts.elastic.co/packages/7.x/yum
    gpgcheck=1
    gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
    enabled=0
    autorefresh=1
    type=rpm-md
  5. Save changes.
  6. Now install Elasticsearch:
    sudo yum install --enablerepo=elasticsearch elasticsearch 

    The configured repository is disabled by default to prevent upgrading Elasticsearch when upgrading the rest of the system. Therefore, installation and upgrade commands must explicitly enable the repo.

  7. Open port 9200 in your firewall: Firewalld, UFW, CSF, etc. Or if you need to use another port, edit the Elasticsearch YAML file.
  8. Check that Elasticsearch is running on an open port:
    curl –X GET localhost:9200 
  9. If you receive curl: (7) Failed connect to localhost:9200; Connection refused, check your Firewalld settings again.

Install Elasticsearch on Debian

  1. SSH into your server as root.
  2. Download the Elasticsearch PGP key:
    wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
  3. Install apt-transport-https to access packages with an SSL (HTTPS) connection:
    sudo apt-get install apt-transport-https
  4. Add the Elastic repo to a new elastic-7.x.list file:
    echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list
  5. Install Elasticsearch:
    sudo apt-get update && sudo apt-get install elasticsearch 

Setting Elasticsearch as a System Service

Use the following command to start Elasticsearch now:

systemctl start elasticsearch

Use the following command to enable Elasticsearch to automatically start upon system reboot:

systemctl enable elasticsearch

Use the following command to check for any issues related to starting or enabling Elasticsearch:

systemctl status elasticsearch

Configuring Elasticsearch

To make changes to Elasticsearch, edit the Elasticsearch YAML file:

nano /etc/elasticsearch/elasticsearch.yml

By default, Elasticsearch uses port 9200 or the next available port between 9200-9300. If you need to specify a different Elasticsearch port, change the following line and remove the # at the beginning:

#http.port: 9200

Ensure Elasticsearch is running on an open port, changing localhost to your domain or other hostname as needed:

curl –X GET localhost:9200

To find your server IP in the command line, use hostname -i

If this Elasticsearch installation will join a node cluster, change the hostname to a server IP address or server hostname and remove the # at the beginning of the following line:

#network.host: 192.168.0.1

You can also create descriptive node name for easier navigation among cluster setups by modifying the following line:

#node.name: node-1
Installing ElasticPress in WordPress dashboard

Elasticsearch with WordPress

WordPress users that work with WP_Query objects can use the Elasticsearch search engine with ElasticPress in WordPress.

Elasticsearch Query DSL

To get started, read about how to use the Elasticsearch Query domain specific language (DSL) for working with indexes or create Elasticsearch documents.

J
Jacqueem Technical Writer

Technical writer focused on cybersecurity and musicianship.

More Articles by Jacqueem

Thoughts on “How to install Elasticsearch

  • How does one make this CageFS (CloudLinux) compatible? I’ve tried my regular methods, but I cannot seem to get it carried throughout the Cage.

  • Can this installation happen on your shared hosting packages ?! Or is it a must to have a VPS to make this work ?

    • This must be performed on a VPS at least, because it requires root access. However, if you have WordPress, there are plugins like Jetpack which uses Elasticsearch in their premium version to make searching your site faster.

  • Thx for your guide, it was almost perfect in my case. What I changed was, in step 4:

     

    [elasticsearch-1.7]

    name=Elasticsearch repository for 1.7.x packages

    baseurl=https://packages.elastic.co/elasticsearch/1.7/centos

    gpgcheck=1

    gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch

    enabled=1

     

    And then 

    sudo nano /etc/elasticsearch/elasticsearch.yml

    using these options:

    network.host: 0.0.0.0

    http.port: 9200

    And finally,

    sudo service elasticsearch start

     

    • Hello Amit,

      Thank you for contacting. We recently tested this article successfully, and everything seems to be working.

      What issues are you having with the guide?

      Are getting any errors? What are they?

      Thank you,
      John-Paul

  • This page needs updated, the URL for the repository is now packages.elastic.co. Also, newer versions exist beyond 1.4.

     

  • Hello,

    After struggling a bit, I managed to get it running. For some reasons, my webservices which are calling the elastic client, are only working inside a specific folder.

    Thanks anyway!

  • Hello,

    One of the reason I chose inmotion for my website is because it provides a tutorial for installing elasticsearch, which is present in my website. I have already followed all the steps successfully. But the service is not working on the website. I am getting the following error response on php services that creates an elastic search client :

    Fatal error: Class ‘Elasticsearch\Client’ not found in /home/catove5/public_html/catovert/gateway/app/init.php on line 5

    Can you please indicate what should be done next to get it running on the website?

Was this article helpful? Let us know!