Elkwin - ELK Stack for Windows

Elkwin - ELK Stack for Windows

Elkwin is an ELK stack implementation for Windows systems. It is a packaging of Elasticsearch, Logstash, Kibana and Java Server JRE, to provide a standalone solution ready to use for searching, analyzing and visualization of almost any type of structured and unstructured data in real time. 

 Elasticsearch is a Lucene-based search server, providing a distributed and multitenant-capable full-text search engine with a RESTful web interface and schema-free JSON documents. Logstash is an open source tool for collecting, parsing, and storing logs for future use. Kibana is a web interface that can be used to search and view the logs that Logstash has indexed. Both of these tools are based on Elasticsearch.

 

Installation

Supported platforms : Vista/2008(R2)/7/2012(R2)/8/10/2016

Elkwin is available as a zip file containing an installer. Simply unzip your downloaded copy and run the package "Elkwin_x.x.x_Installer.exe" :

  1. Accept License agreement.
  2. Specify an installation location.
  3. Installation starts. By clicking 'Details' button, you can get more detailed information about installation.
  4. At the end of the installation, the installer will give you information about the default setup.

 

Usage

You need to start all three Elkwin Services in the following order due to dependencies:

Elkwin_Elasticsearch, Elkwin_Logstash and Elkwin_Kibana.

 

You need to configure <inst.dir>/logstash/logstash.conf according to your needs. Logstash comes with a default set of plugins and can be extended further by using the plugin manager. Check our Elkwin FAQs for some recipes.

 

Kibana web interface is available at http://127.0.0.1:5601:

 Kibana example 

 

Uninstallation

This one is easy too:

  1. Run the uninstaller
  2. Remove remnants in the installation directory.

I have multiple configuration files for Logstash!

Elkwin Logstash uses <inst.dir>/logstash/logstash.conf as the configuration file. If you want to arrange your Logstash configuration as multiple files, you can create a directory with the same name and copy your files into it. Keep in mind that they will be processed in alphabetical order and a kind of numbering/sorting mechanism can be necessary.

How to install new plugins in Logstash 5.x ?

You can use Logstash plugin-manager to install/manage plugins:

 

SET JAVA_HOME=<Elkwin inst.dir>\java

CD <Elkwin inst.dir>\logstash

bin\logstash-plugin.bat install <plugin-name>

 

More information about plugin-manager can be found here.

 

This package contain components with different terms of licensing:

Component   Licensing
Elasticsearch 6.6.0 Apache License, Version 2
Logstash 6.6.0 Apache License, Version 2
Kibana 6.6.0 Apache License, Version 2
Java Server JRE Oracle Java 8 u202

Oracle Binary Code License Agreement for Java SE

Elkwin(installer/tools) 5.0.0 Elkwin license (Simplified BSD)