First, lets Download the beats template.

curl -O https://raw.githubusercontent.com/elastic/topbeat/master/etc/topbeat.template.json

Upload to elastic template

curl -XPUT 'http://elk3.domain.com:9200/_template/topbeat' -d@topbeat.template.json

Now, lets install topbeat, add elastic beat repo, and run

yum -y install topbeat

Modify /etc/topbeat/topbeat.yml, under elasticsearch add elastic (or logstash) hosts

hosts: ["10.10.3.48:9204", "10.10.3.48:9205", "10.10.3.48:9206"]

Start the beat service

systemctl start topbeat

Install topbeats dashboards

curl -L -O https://download.elastic.co/beats/dashboards/beats-dashboards-1.2.0.zip
unzip beats-dashboards-1.2.0.zip, and run
./load.sh -url "http://elk3.domain.com:9200"

Finally, create the kibana index, [topbeat]-YYY.MM.DD in the web UI

To verify the index got created (after logs are send to the system)

curl -XGET 'http://localhost:9200/topbeat-*/_search?pretty'

Source

http://amsterdam.luminis.eu/2015/10/05/infrastructure-metrics-with-elasticsearch-stack/

Network capture

http://amsterdam.luminis.eu/2015/10/05/infrastructure-metrics-with-elasticsearch-stack/