Tutorials

This section provides step-by-step instructions to deploy and protect a self-managed Elastic Stack. You will learn how to move from an initial installation to a production-ready, secure configuration.

• Install a self-managed Elastic Stack

  • Objective: Set up a functional, secure-by-default environment for testing or development.
  • What you will do: Install the components of the Elastic Stack, including Elasticsearch, Kibana, Fleet Server, and Elastic Agent, using automatic security setup for Elasticsearch, enrolling Kibana, and using the Quick Start flow for Fleet Server and Elastic Agent to collect system data from a host.
  • Outcome: A running multi-node Elasticsearch deployment with Kibana, Fleet Server, and Elastic Agent installed and configured, and system data viewable in Kibana.
  • Security overview: Elasticsearch uses automatic security setup, generating TLS certificates for the transport and HTTP layers. Kibana is enrolled with Elasticsearch, but browser-to-Kibana HTTPS is not configured. Fleet Server uses the Quick Start self-signed certificate flow for Elastic Agent enrollment.

• Customize certificates for a self-managed Elastic Stack

  • Objective: Customize the certificate model for an existing installation.
  • What you will do: Replace or adjust the default certificate setup for Elasticsearch, Kibana, Fleet Server, and Elastic Agent.
  • Outcome: A deployment that uses the certificate authorities and TLS configuration required by your environment.
  • Security overview: Create a new CA and certificates for the Elasticsearch transport layer, create new certificates for the Elasticsearch HTTP layer, generate and configure certificates for browser-to-Kibana HTTPS, and configure certificates for Fleet Server.