ELK Stack 9 on Ubuntu 24.04 LTS

ELK Stack 9 on Ubuntu 24.04 by cloudimg

The complete Elastic Stack (Elasticsearch 9 + Logstash 9 + Kibana 9) on Ubuntu 24.04 LTS, purpose built for Microsoft Azure and maintained by cloudimg. A production ready log analytics, full text search, and observability platform, all from a single VM deployment.

Why Choose cloudimg?

• 24/7 Expert Support with guaranteed 24 hour response for all requests and one hour average for critical issues. Contact support@cloudimg.co.uk
• Production Ready from Launch Pre configured, security patched, and validated before publication
• Azure Native Integration Built with Azure Linux Agent, cloud init, and Gen2 Hyper V support
• Per VM Credentials Every deployed VM rotates the elastic superuser password at first boot

What is Included

• Elasticsearch 9 as distributed search and analytics engine on port 9200 (HTTP) with xpack security enabled
• Logstash 9 with Beats input pipeline on port 5044, outputting to local Elasticsearch
• Kibana 9 web dashboard on port 5601 for data visualization and exploration
• elk-firstboot.service rotating elastic and kibana_system passwords to per VM strong values
• JVM heap auto tuning: firstboot adjusts Elasticsearch and Logstash heap sizes based on available RAM
• Default Beats input pipeline at /etc/logstash/conf.d/01-beats-input.conf
• Ubuntu 24.04 LTS (Noble Numbat) with latest security patches
• Azure Linux Agent (waagent) for seamless cloud integration

Use Cases

• Centralized log aggregation and analysis from Filebeat, Metricbeat, and other Beats agents
• Full text search across large document corpora with sub second query latency
• Application Performance Monitoring (APM) with traces, metrics, and logs
• Security Information and Event Management (SIEM) with detection rules
• E commerce product search with faceting and relevance tuning
• Infrastructure observability dashboards in Kibana

Technical Specifications

• Application: ELK Stack 9 (Elasticsearch + Logstash + Kibana)
• Operating System: Ubuntu 24.04 LTS (Noble Numbat)
• VM Generation: Hyper V Gen2 with UEFI boot
• Elasticsearch HTTP Port: 9200
• Kibana Port: 5601
• Logstash Beats Port: 5044
• Default User: azureuser (sudo enabled)

Recommended Virtual Machine Sizes

• Standard_D2s_v5 (2 vCPU, 8 GB RAM) for development and small workloads
• Standard_D4s_v5 (4 vCPU, 16 GB RAM) for moderate production workloads
• Standard_D8s_v5 (8 vCPU, 32 GB RAM) for high throughput log ingestion

Support

cloudimg provides 24/7/365 expert technical support. Guaranteed response within 24 hours, one hour average for critical issues. Contact support@cloudimg.co.uk.

Visit www.cloudimg.co.uk/guides/elk-9-on-ubuntu-24-04-azure/ for the full user guide.

Elasticsearch, Logstash, and Kibana are trademarks of Elasticsearch B.V. This image is provided by cloudimg. Additional charges apply for build, maintenance, and 24/7 support.