We recommend installing Humio on Ubuntu, at least version 18.04. We also recommend that you first install Zookeeper and Kafka on your server. You will also need to make sure your server is up-to-date, if you haven’t already. You can do this with
apt-get like so:
apt-get update apt-get upgrade
Once you’ve ensured your server is up-to-date, installed Kafka and Zookeeper, you’ll need to do some Humio specific preparations.
First, you’ll need to create a non-administrative user named,
humio to run Humio software in the backgorund. You can do this by executing the following from the command-line:
adduser humio --shell=/bin/false --no-create-home --system --group
You should add this user to the
DenyUsers section of your nodes
/etc/ssh/sshd_config file to prevent it from being able to ssh or sftp into the node. Remember to restart the
sshd daemon after making the change. Once the system has finished updating and the user has been created, you can install Kafka.
Next, create the Humio system directories and give the
humio user ownership of them:
mkdir -p /opt/humio /etc/humio/filebeat /var/log/humio /var/humio/data chown humio:humio /opt/humio /etc/humio/filebeat chown humio:humio /var/log/humio /var/humio/data
You’re now ready to download and install Humio’s software. You should go to the Humio directory and use
wget to download the Humio Java Archive. You can do this from the command-linen like so:
cd /opt/humio/ wget https://repo.humio.com/repository/maven-releases/com/humio/server/x.x.x/server-x.x.x.jar ln -s /opt/humio/server-x.x.x.jar /opt/humio/server.jar
The second to last line here is used to download latest release from https://repo.humio.com/service/rest/repository/browse/maven-releases/com/humio/server/. You’ll have to adjust that line for the correct directory and file name, based on the version at the time. After you’ve downloaded it, enter the last line here to create a symbolic link to it.
Using a simple text editor, create the Humio configuration file,
server.conf in the
/etc/humio directory. There are a few environment variables you will need to enter in this configuration file in order to run Humio on a single server or instance. Below are those basic settings:
BOOTSTRAP_HOST_ID=1 DIRECTORY=/var/humio/data HUMIO_AUDITLOG_DIR=/var/log/humio HUMIO_DEBUGLOG_DIR=/var/log/humio HUMIO_PORT=8080 ELASTIC_PORT=9200 ZOOKEEPER_URL=127.0.0.1:2181 KAFKA_SERVERS=127.0.0.1:9092 EXTERNAL_URL=http://127.0.0.1:8080 PUBLIC_URL=http://127.0.0.1 HUMIO_SOCKET_BIND=0.0.0.0 HUMIO_HTTP_BIND=0.0.0.0
You could copy these lines into the
server.conf file. If you’re intending to use this single server as the first node of a cluster, you’ll have to change the IP addresses from
127.0.0.1 to the IP addresses of the server. When you replicate it to each node, these IP addresses will have to be adjust for each node. See the Cluster Setup documentation page for more information on this.
For more information on each of the environment variables, see the Environment Variables reference page.
Next you should set up a service file. Using a simple text editor, create a file named,
humio.service in the
/etc/systemd/system/ sub-directory. Add these lins to that file:
[Unit] Description=Humio service After=network.service [Service] Type=notify Restart=on-abnormal User=humio Group=humio LimitNOFILE=250000:250000 EnvironmentFile=/etc/humio/server.conf WorkingDirectory=/var/humio ExecStart=/usr/bin/java -server -XX:+UseParallelOldGC -Xms4G -Xmx32G -XX:MaxDirectMemorySize=8G -Xss2M --add-exports java.base/jdk.internal.util=ALL-UNNAMED -XX:CompileCommand=dontinline,com/humio/util/HotspotUtilsJ.dontInline -Xlog:gc*,gc+jni=debug:file=/var/log/humio/gc_humio.log:time,tags:filecount=5,filesize=102400 -Dhumio.auditlog.dir=/var/log/humio -Dhumio.debuglog.dir=/var/log/humio -jar /opt/humio/server.jar [Install] WantedBy=default.target
You will need to change the ownership of the Humio files and start the Humio service. To change the ownership, execute the following two lines from the command-line:
chown -R humio:humio /opt/humio /etc/humio/filebeat chown -R humio:humio /var/log/humio /var/humio/data
You’re ready to start Humio. Do so with the systemctl utility like so:
systemctl start humio
Just to be sure Humio is running and everything is fine, check it with the
journalctl tool. You can do this by entering the following from the command-line:
journalctl -fu humio
If there are no errors, open a web browser and enter the domain name or IP address with port
8080. For example, you would enter something like
http://example.com:8080 in the browser’s address field.