How to Use Elasticsearch on Linux for Fast Search [Complete Guide]

Use Elasticsearch on a Linux server to implement a powerful, scalable, and distributed search and analytics engine. Elasticsearch is widely used for full-text search, log and event data analysis, and real-time data indexing. It is designed to be fast, scalable, and easy to set up on Linux servers for diverse applications.

What is Elasticsearch

This guide covers how to use Elasticsearch on a Linux server—installing, configuring, starting the service, and verifying the setup to get you started effectively.

Prerequisites

  • A Linux server running supported distributions like Ubuntu, Debian, CentOS, Red Hat, or AlmaLinux
  • Root or sudo privileges for installation and service management
  • Java runtime is usually bundled with Elasticsearch packages; ensure your system meets the requirements
  • Network connectivity for downloading Elasticsearch packages

Use Elasticsearch on a Linux Server

Elasticsearch is a powerful, open-source search and analytics engine used for log analysis, full-text search, and real-time data exploration. Running Elasticsearch on a Linux server offers high performance and scalability, making it ideal for handling large datasets across various applications.

Install Elasticsearch on the Linux Server

To get started with Elasticsearch on your Linux system, the first step is to install Elasticsearch. This involves setting up the official Elasticsearch repository and importing its GPG key to ensure package authenticity. Installing via the package manager keeps your Elasticsearch version up-to-date and secure, especially on Ubuntu and Debian systems.

Add the Elasticsearch Repository and GPG Key (Ubuntu/Debian)

  • Import the Elasticsearch GPG key:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
  • Add the Elasticsearch repository:
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
  • Update package lists and install Elasticsearch:
sudo apt update
sudo apt install elasticsearch

For CentOS/Red Hat/AlmaLinux

  • Import the Elasticsearch GPG key:
sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  • Create the Elasticsearch repo file /etc/yum.repos.d/elasticsearch.repo containing:
[elasticsearch-8.x]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
  • Install Elasticsearch:
sudo yum install elasticsearch

Or on newer distributions:

sudo dnf install elasticsearch

Configure Elasticsearch

After installation, you need to configure Elasticsearch. Edit the main configuration file /etc/elasticsearch/elasticsearch.yml to set basic parameters:

sudo nano /etc/elasticsearch/elasticsearch.yml

Add or adjust these settings as appropriate for your server:

cluster.name: your-cluster-name
node.name: your-node-name
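network.host: 127.0.0.1 # Loopback only. "0.0.0.0" listens on every interface; use it for external access only with TLS, authentication and a firewall in place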
http.port: 9200
discovery.type: single-node # For single-node setups

For a production environment with multiple nodes, omit discovery.type or configure accordingly.

Start and Enable Elasticsearch Service

Reload systemd to recognize the new service and enable Elasticsearch to start on boot:

sudo systemctl daemon-reload
sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch

Verify that Elasticsearch is running:

sudo systemctl status elasticsearch

Look for an active (running) status.

Verify Elasticsearch Installation

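Test that Elasticsearch is responding by querying its REST API. With the security features that recent versions enable by default, the request must use HTTPS and authenticate as the built-in elastic user; curl prompts for the password, and the CA certificate path is the one package installs generate:

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic "https://localhost:9200/"

If security has been disabled for local testing, the plain HTTP request works:

curl -X GET "localhost:9200/"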

A successful response will include cluster details similar to:

{
"name" : "your-node-name",
"cluster_name" : "your-cluster-name",
"cluster_uuid" : "some-uuid",
"version" : {
"number" : "8.x.x",
"build_flavor" : "default",
"build_type" : "rpm",
...
},
"tagline" : "You Know, for Search"
}

Basic Usage and Management

  • Start/Stop/Restart Elasticsearch:
sudo systemctl start elasticsearch
sudo systemctl stop elasticsearch
sudo systemctl restart elasticsearch
  • View logs for troubleshooting:
sudo journalctl -u elasticsearch

or

sudo tail -f /var/log/elasticsearch/elasticsearch.log
  • Index data using curl or tools:
    You can add documents and query them via Elasticsearch’s REST API on port 9200.

Note: Recent Elasticsearch versions enable security features by default, including TLS and user authentication. On installation, a built-in superuser password is generated and logged. Keep this password safe to manage Elasticsearch securely. For local testing, these can be disabled or adjusted in configuration, but always keep security in mind in production.
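
The two settings this guide mentions changing, network.host set to a non-loopback address and security disabled for testing, are dangerous in combination. The script below is an added example, not part of the original guide or of Elasticsearch: it checks an elasticsearch.yml for that combination. The function names and sample files are assumptions made for illustration, and it reads only flat "key: value" lines, not nested YAML.

```shell
#!/usr/bin/env bash
# Added example: audit flat "key: value" lines in elasticsearch.yml for the
# exposure risk described above. Function names are hypothetical.

# Print the last value set for KEY, with trailing comments and quotes removed.
es_setting() {  # usage: es_setting FILE KEY
  local key_re
  key_re=$(printf '%s' "$2" | sed 's/\./\\./g')   # escape dots in the key
  sed -n "s/^[[:space:]]*${key_re}[[:space:]]*:[[:space:]]*//p" "$1" |
    sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//; s/^"\(.*\)"$/\1/' | tail -n 1
}

# Print a one-line verdict starting with CRITICAL, WARN or OK.
audit_es_config() {  # usage: audit_es_config FILE
  local host sec exposed=1
  host=$(es_setting "$1" network.host)
  sec=$(es_setting "$1" xpack.security.enabled)
  # Elasticsearch binds to loopback when network.host is unset.
  case "${host:-_local_}" in
    127.*|localhost|::1|_local_) exposed=0 ;;
  esac
  if [ "$exposed" -eq 1 ] && [ "$sec" = "false" ]; then
    echo "CRITICAL: network.host=$host with security disabled; port 9200 answers unauthenticated requests from the network"
  elif [ "$sec" = "false" ]; then
    echo "WARN: security disabled; keep this node on loopback and for local testing only"
  elif [ "$exposed" -eq 1 ]; then
    echo "WARN: network.host=$host is reachable from other hosts; keep TLS and authentication on and firewall port 9200"
  else
    echo "OK: loopback only, security not disabled"
  fi
}

# Constructed sample configs (not taken from any real server).
tmp=$(mktemp -d)
printf '%s\n' 'cluster.name: your-cluster-name' \
  'network.host: 127.0.0.1 # loopback only' \
  'discovery.type: single-node' > "$tmp/local.yml"
printf '%s\n' 'network.host: "0.0.0.0"' \
  'xpack.security.enabled: false' > "$tmp/exposed.yml"

audit_es_config "$tmp/local.yml"
audit_es_config "$tmp/exposed.yml"
```

On a real server, run it as audit_es_config /etc/elasticsearch/elasticsearch.yml with sudo, since the file is not world-readable.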

Conclusion

To use Elasticsearch on a Linux server, install it from the official Elastic repositories, configure essential parameters in elasticsearch.yml, and start the Elasticsearch service to enable powerful search and analytics capabilities. Managing Elasticsearch through systemd and REST API queries provides flexibility for development and production settings.

For detailed instructions, advanced configuration, and cluster setup, visit the official Elasticsearch documentation.

Himanshu Joshi
