WEBVTT

00:00.150 --> 00:02.670
OK, let's look at the ElasticSearch data source now.

00:02.700 --> 00:08.490
It's another monitoring solution which has recently become quite popular. For this I'll install version

00:08.490 --> 00:09.630
seven point sixteen.

00:09.660 --> 00:15.180
Also, it uses the Java VM, so it's going to need a minimum of two gigs of RAM for the ElasticSearch

00:15.180 --> 00:15.870
service.

00:15.990 --> 00:17.900
So I'm going to get myself a new server.

00:17.910 --> 00:20.430
I'm on DigitalOcean. Create, Droplets.

00:21.390 --> 00:29.400
I'm going to use Ubuntu Point for. Basic is $12 a month, two gigabytes RAM, which is perfect.

00:30.180 --> 00:31.400
I'm going to put it in Amsterdam.

00:31.410 --> 00:36.870
I'm going to use the same VPC that I've been using throughout the course, my SSH key, and

00:36.870 --> 00:37.590
I'm going to call it.

00:38.620 --> 00:42.040
ElasticSearch. Create Droplet.

00:43.860 --> 00:45.330
OK, so I got my IP now.

00:45.360 --> 00:46.050
Copy that.

00:46.230 --> 00:49.110
I'm going to set that up in PuTTY.

00:49.890 --> 00:50.760
ElasticSearch.

00:50.970 --> 00:52.170
Save it.

00:53.650 --> 00:55.800
Pay parents.

00:57.260 --> 00:57.930
Okay.

00:57.980 --> 01:02.180
And go back and just save that again, ElasticSearch.

01:03.350 --> 01:07.070
Hey, I'm on my new ElasticSearch server with 2GB of RAM.

01:07.130 --> 01:11.900
OK, so I'm going to install the Debian package from this address here.

01:11.960 --> 01:18.500
I've already copied the commands, so copy that line, paste. On to the next line.

01:18.500 --> 01:20.770
We need to install the dependencies.

01:21.720 --> 01:28.260
It's actually already there. Next, save the repository definition. Copy, right click. And now

01:28.260 --> 01:31.680
to run apt update and install ElasticSearch.

01:34.030 --> 01:35.800
OK, we can check the status.

01:37.090 --> 01:39.310
OK, so it's loaded, but it's not running. Control

01:39.500 --> 01:41.850
C. OK, we can start it.

01:43.170 --> 01:45.750
It usually takes 30 seconds to stop.

01:47.380 --> 01:47.900
OK.

01:47.950 --> 01:49.090
Double check status.

01:49.600 --> 01:50.980
OK, so it's running very good.

01:51.670 --> 01:55.310
If you're getting errors, you could run that line to see what they were.

01:55.330 --> 01:56.340
But mine's working.

01:56.350 --> 02:01.840
We can see that a new user was created called ElasticSearch and we can see what processes it's running.

02:01.880 --> 02:04.680
OK, so it's running Java and controller. OK.

02:04.690 --> 02:11.440
We can test that it is running locally by doing a curl request and seeing if we get a response for

02:11.440 --> 02:12.950
9200. There we go.

02:12.970 --> 02:13.870
There's a response.

02:13.960 --> 02:17.080
So name ElasticSearch, et cetera, and a few other things.

02:17.860 --> 02:22.000
OK, now we're going to need to modify the ElasticSearch configuration.

02:22.030 --> 02:27.850
That is because my Grafana server will be connecting to the ElasticSearch server, which is a different

02:27.850 --> 02:28.360
server.

02:28.420 --> 02:31.450
So I'm going to need to allow remote connections at minimum.

02:31.570 --> 02:34.930
OK, so let's cd into the folder and see what we have.

02:35.110 --> 02:35.390
OK.

02:35.410 --> 02:38.260
So it was installed in /etc/elasticsearch.

02:38.290 --> 02:42.070
So let's ls -lh and there are a few files.

02:42.070 --> 02:49.210
We need to edit this elasticsearch.yml, so sudo nano elasticsearch dot

02:49.430 --> 02:50.170
yml.

02:50.320 --> 02:51.790
OK, so scroll down.

02:52.450 --> 02:53.440
Uncomment that.

02:53.620 --> 02:55.360
So cluster name, my-application.

02:55.360 --> 02:57.980
I'm going to leave those default. Node name, node-1.

02:58.000 --> 02:59.140
I'm leaving that as default.

03:01.000 --> 03:10.680
Network host, change that to 0.0.0.0, binds to all Ethernet interfaces. Uncomment 9200,

03:10.710 --> 03:11.800
that's the default anyway.

03:12.520 --> 03:22.000
And down here, cluster initial master nodes, only need one, uncomment that. OK, Control-X, yes.

03:22.900 --> 03:27.820
OK, so those changes are just written there in my documentation. We now have to restart it.

03:28.630 --> 03:29.130
OK.

03:29.170 --> 03:30.670
ElasticSearch restart.

03:32.520 --> 03:33.480
OK, that's good.

03:33.510 --> 03:34.780
Sometimes there are errors.

03:34.800 --> 03:39.570
You can inspect those by running that line up there, but that works.

03:40.380 --> 03:42.820
OK, so got a running ElasticSearch server now.

03:42.850 --> 03:44.500
Now we don't have any indexes in it.

03:44.500 --> 03:45.840
It needs to have an index in it.

03:46.020 --> 03:47.850
So let's create an index.

03:47.910 --> 03:51.240
I'm going to call the index one. So, curl.

03:51.930 --> 03:53.820
OK, I'm putting index one.

03:54.360 --> 03:56.940
OK, acknowledged true index one.

03:57.180 --> 04:01.840
OK, let's view the metadata into OK, so there we go.

04:01.860 --> 04:03.300
That's all about index one.

04:03.330 --> 04:03.990
That's good enough.

04:04.270 --> 04:07.780
OK, we can add some data to index one time.

04:08.070 --> 04:09.450
Yeah, OK.

04:09.480 --> 04:12.060
I'm adding a row called ABC one two three.

04:12.240 --> 04:14.580
Name XYZ and a timestamp.

04:14.910 --> 04:15.440
That's good.

04:15.450 --> 04:17.670
We can view the contents now of the index.

04:19.100 --> 04:23.360
OK, so source ABC one two three, name XYZ, and that's the timestamp.

04:23.450 --> 04:28.670
So we have some data in our index. We can view the indices or indexes.

04:30.070 --> 04:32.120
I can see index one exists.

04:33.290 --> 04:35.960
OK, now if you want to index one, you can run that line.

04:35.960 --> 04:37.450
So I'm not going to do that.

04:37.490 --> 04:40.940
I'm now going to go into Grafana and create the ElasticSearch data source.

04:41.030 --> 04:41.480
OK?

04:41.510 --> 04:47.570
Data sources, add data source, scroll down, ElasticSearch, select.

04:48.470 --> 04:54.470
The address of my ElasticSearch server was HTTP colon slash slash.

04:54.560 --> 04:59.060
I'm going to use the VPC IP address and not the external IP address because I'm going to block that

04:59.060 --> 05:00.690
off using the firewall eventually.

05:01.190 --> 05:09.830
So Networking, VPC, go down to Amsterdam where I put it. View members. My ElasticSearch.

05:09.830 --> 05:13.280
I paste that site one three three zero six.

05:13.610 --> 05:14.090
Copy that.

05:14.950 --> 05:16.420
Colon 9200.

05:17.410 --> 05:17.950
OK.

05:18.930 --> 05:20.490
My index name was index one.

05:21.510 --> 05:26.160
Timestamp is correct, and the version is 7.10+.

05:26.770 --> 05:29.270
Now let's save and test, okay.

05:29.280 --> 05:31.680
And it worked. Index time field time.

05:31.680 --> 05:32.100
Okay.

05:32.130 --> 05:32.580
Excellent.

05:32.610 --> 05:38.940
So let's go into Explore and up here we should get ElasticSearch.

05:39.030 --> 05:47.550
OK, so I can see some data straight away, but instead, for metric, select raw data. That shows

05:47.550 --> 05:48.050
the table.

05:48.120 --> 05:53.920
Now, that first row is the information I input using the curl statement before, ABC one two three.

05:53.940 --> 05:56.510
Name XYZ and a timestamp.

05:56.520 --> 06:00.720
We can add another row. Going back to my documentation, add some data to the index.

06:00.750 --> 06:06.480
Copy that back onto your ElasticSearch server ElasticSearch server economically.

06:07.410 --> 06:08.820
Right click to paste.

06:08.910 --> 06:15.750
This time, I'm going to put something different, such as a b, c, d f four or five six.

06:16.050 --> 06:18.060
Name anything I like.

06:18.720 --> 06:21.300
And the current timestamp, which is right.

06:21.570 --> 06:23.760
I think it's excellent.

06:23.760 --> 06:25.220
Successful one.

06:25.720 --> 06:26.100
Very good.

06:26.250 --> 06:27.560
Back into Grafana.

06:27.570 --> 06:28.500
Run that query again.

06:28.890 --> 06:34.230
OK, I got two rows, so you can see now that I have an ElasticSearch server running and I'm able to

06:34.230 --> 06:37.470
import data into that and I can read that through the Explore tab.

06:37.560 --> 06:42.780
Now in the next videos, rather than putting data into ElasticSearch like that, I'll install two different

06:42.780 --> 06:44.290
services on different computers.

06:44.310 --> 06:45.520
You can have them all over the place.

06:45.540 --> 06:51.090
It's very similar to Loki or Prometheus in this way that will collect data and push data into the ElasticSearch

06:51.090 --> 06:51.600
server.

06:51.630 --> 06:53.520
Okay, so that's the next video.

06:53.550 --> 06:58.770
Also note that you need to manage firewall rules when you use ElasticSearch on the internet because

06:58.770 --> 07:01.410
as you can see, I can easily just create indexes and add data to them.

07:01.410 --> 07:03.270
So I'm going to set up my firewall rules now.

07:03.330 --> 07:03.580
OK.

07:03.600 --> 07:09.060
So if you don't have a firewall like I do in DigitalOcean, you can use iptables or whatever firewall

07:09.060 --> 07:11.260
service your cloud provider gives you.

07:11.310 --> 07:17.280
So you would allow localhost port 9100, you would allow your Grafana server's IP port 9200,

07:17.310 --> 07:20.590
for example, and you would drop port 9200 for everything else.

07:20.690 --> 07:26.460
I'm going to use the DigitalOcean firewall option, so I'm going to allow my Grafana server on the

07:26.460 --> 07:29.430
VPC IP to access my ElasticSearch.

07:29.730 --> 07:31.260
So create the firewall now.

07:31.980 --> 07:33.090
So firewalls.

07:34.420 --> 07:39.490
Create a firewall. ElasticSearch firewall.

07:39.530 --> 07:45.150
I'm going to create a new rule, custom, 9200 TCP.

07:45.670 --> 07:50.800
Get rid of the defaults, paste my Grafana server's IP address in there.

07:50.860 --> 07:52.330
I'm also going to wall.

07:52.330 --> 07:52.810
I'm here.

07:52.840 --> 07:59.260
Get rid of these on my SSH and use my external IP address that I'm using to create this video.

07:59.770 --> 08:00.630
I guess so.

08:00.640 --> 08:06.470
Only I can SSH to that server and only my Grafana server can send messages

08:06.470 --> 08:07.120
to port

08:07.120 --> 08:07.960
9200. OK.

08:08.170 --> 08:12.100
So let's apply that to my ElasticSearch.

08:13.150 --> 08:15.630
Server. Create firewall.

08:16.850 --> 08:23.630
OK, so only my Grafana server that's in here can make those requests to 9200, so query that

08:23.640 --> 08:23.960
we go.

08:24.020 --> 08:24.440
Excellent.

08:25.220 --> 08:29.630
OK, so anyway, next video we'll install Filebeat, which is good for reading

08:29.630 --> 08:34.460
system logs. It's very similar to the Loki Promtail service, but for ElasticSearch.

08:34.790 --> 08:35.150
Excellent.
