Recommended EC2 instance type is r5.large.
Install OpenJDK 11 by running the following command:
sudo yum install java-11-amazon-corretto
Install wget by running the following command:
yum install wget
Verify the installation by running the following command:
Set map count within /etc/sysctl.conf file by adding the following line:
Increase ulimit value and test system settings
To change the file descriptor setting, edit the file /etc/sysctl.conf.
To apply the changes :
To change the ulimit setting, edit the file /etc/security/limits.conf and set the hard and soft limits:
* soft nofile 100000
* hard nofile 100000
After this value is changed please reboot the server.
Test the settings using the following command:
To check the current open file descriptor limit:
sysctl -a | grep fs.file-max
To find out how many file descriptors are currently being used:
To find out how many files are currently open:
lsof | wc -l
Please login as root using sudo su if you are not the root user.
Create a SearchBlox user
sudo adduser searchblox
sudo passwd searchblox
SearchBlox has to be installed in /opt folder, so change directory to /opt
Download SearchBlox rpm package
sudo wget https://d2fco3ozzrfhhd.cloudfront.net/v10.5.1/searchblox-10.5.1-0.noarch.rpm
Install the rpm package
sudo rpm -ivh searchblox-10.5.1-0.noarch.rpm
Change permission for the following folders
sudo chown -R searchblox:searchblox /opt/searchblox
sudo chmod -R 755 /opt/searchblox/bin
sudo chmod -R 755 /opt/searchblox/elasticsearch/bin
sudo chmod -R 755 /opt/searchblox/analytics
sudo chmod -R 755 /opt/searchblox/logs
sudo chmod -R 755 /opt/searchblox/elasticsearch/logs
sudo chmod -R 755 /opt/searchblox/connectors
Start SearchBlox service by running the following command:
systemctl start searchblox
SearchBlox service will start elasticsearch and analytics services internally unlike previous versions. If service start up gives any issues, enable searchblox.service using the command below:
Stop Analytics, SearchBlox and Elasticsearch services by running the following command:
systemctl stop searchblox
To verify the status of the SearchBlox service please use the following command:
systemctl status searchblox
After you start the services, wait for 30 seconds then go to
https://<Hostname or Host IP>:8443/console/ to access the SearchBlox Management Console to login.
You can also verify if SearchBlox has started successfully by viewing the status.log file in the
Please confirm the message "Started Successfully" is shown in the log. In case of any errors, this log will provide additional information for troubleshooting.
To learn more on Troubleshooting visit: Logging and Troubleshooting
To learn about accessing SearchBlox visit: Overview of SearchBlox
To learn about tuning after installation visit: Installation Tuning
SearchBlox Admin Console Access using IP Address or Domain Name
SearchBlox Server runs on port 8443 by default.
You can change the port by following the steps as shown in the following:
Stop SearchBlox service
Edit the file /opt/searchblox/start.d/https.ini and add the below line to set the required port number:
Save the file https.ini
Start SearchBlox service
Fix the permission denied error while using searchblox service on less than ports 1024, run the below commands:
Check the Java Path
Set the capability to bind low ports for non-root searchblox user.
Uninstall or remove SearchBlox by running the following command:
yum remove searchblox
Note: For clean SearchBlox uninstallation, it is required to remove searchblox directory i.e., /opt/searchblox manually by running the following command:
rm -rf /opt/searchblox
Updated about 2 months ago