Install Elasticsearch
This section covers:
Prerequisites
Software requirements
How to install Elasticsearch
How to set up X-Pack
How to install Nuix Workstation's List query files on the server
Prerequisites
Ensure Nuix Workstation is installed. For details, see the Nuix Workstation Installation and Configuration Guide.
With Elasticsearch, for enhanced functionality and performance Nuix Workstation requires that you install the following plugins on every Elasticsearch node that services Nuix Workstation case data:
ICU Analysis plugin
Nuix Engine Elasticsearch plugin
Software requirements
The following table details which versions of Nuix Workstation are compatible with which versions of Elasticsearch:
| Nuix Workstation version |
Supported Elasticsearch version |
Additional information |
| Nuix Workstation neo v1.0 and later |
Elasticsearch v7.17.6 |
Elasticsearch requires customers on v7.x to migrate to v7.17 before they can migrate to newer versions of Elasticsearch. The upgrade to v7.17 in Nuix Workstation Neo v avoids the need to do a double migration when Nuix Workstation upgrades to newer major versions of Elasticsearch. For more information, see https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html. |
| Nuix Workstation v9.0, v9.2, v9.4, v9.6, v9.8, and v9.10 |
Elasticsearch v7.8.1 |
A fully configured Elasticsearch v7.8.1 is required to create new Elasticsearch cases using v9.0.0. See the Elasticsearch for Nuix Workstation Guide for further information. |
| Elasticsearch v6.8.0 |
Nuix Workstation v8.x does not support Elasticsearch v5.5.0 Nuix Workstation v7.x does not support Elasticsearch v6.8.0 |
Caution: Important for version 8.0, if you must maintain an older version of Nuix Workstation cases, in addition to new neo v1.0 cases, you must maintain two Elasticsearch clusters. Also, once you start the Elasticsearch upgrade procedure, you cannot go backward, so Nuix highly recommends that you take a full backup (snapshot) of your Elasticsearch cases.
Note: Elasticsearch 7.16.3 plugin supports Nuix Workstation v9.6.7 and later. This plugin addresses Apache Log4j and false-positive concerns with some vulnerability scanners. See https://www.elastic.co/blog/new- elasticsearch-and-logstash-releases-upgrade-apache-log4j2 for details. Elasticsearch v7.8.1 is still supported for Nuix Workstation v9.6.6 and earlier.
Download the latest Nuix Engine Plugin for Elasticsearch from https://download.nuix.com/releases/desktop
To install the plugin, from the Elasticsearch bin folder enter: elasticsearch-plugin install file:nuix-engine-es-<version>.zip
To remove the plugin, from the Elasticsearch bin folder enter: elasticsearch-plugin remove nuix-engine
Install Elasticsearch
To install Elasticsearch:
From the Nuix Customer Portal, on the Welcome page, click the Nuix Products link on the right.
On the Nuix Product Downloads page, against Nuix Workstation, click the Download here link.
On the Nuix Workstation Releases page, under Third-Party Dependency Downloads, click the Nuix Engine Elasticsearch Plugin link.
On the Nuix Engine Elasticsearch Plugin Releases page, click the relevant link to download the installer zip file of the compatible version of the Nuix Engine Plugin for Elasticsearch for your version of Nuix Workstation. See the preceding Software requirements section for details.
When downloaded, move the file to the required location, unzip it, and install the plugins.
If downloading Elasticsearch v7.8.1, see https://www.elastic.co/downloads/past-releases/elasticsearch-7-8-1, and to install the plugins on a Windows computer, run the following commands:
CD C:\elastic\elasticsearch-7.8.1 REM Install from online analysis-icu
bin\elasticsearch-plugin install analysis-icu REM Install from offline the Nuix Elastic Plugin
bin\elasticsearch-plugin install -s file:///c:/downloads/nuix-engine-es-9.4.0.105-7.8.1.zip
Note: If you encounter an issue with the plugin install command, use the absolute path for the plugin. Alternatively, omit the C: and use '//' and a path that uses backslashes. For example:
bin\elasticsearch-plugin install -s file://\elastic\Installers\nuix-es-9.4.0.105-7.8.1.zip
The article File URIs in Windows provides guidance on the subject of using file URIs in Windows.
Set up X-Pack
X-Pack controls role-based access to Elasticsearch, which for Nuix Workstation, includes all case data – effectively, the indexes distributed through Elasticsearch.
SSL or TLS secures the case data while it is in transit. Therefore, to enable SSL or TLS security on your Elasticsearch platform, you must first install X-Pack on Elasticsearch and Nuix Workstation, and then configure X-Pack settings in both applications. You configure X-Pack settings to secure the authentication for roles and access to SSL certificates. See Configure settings for Elasticsearch cases in Create and configure an Elasticsearch case for details.
For more information on setting up X-Pack in a new cluster, see the Elasticsearch topic 'Set up X-Pack'.
Install Nuix Workstation's List query files on the server
Unlike Lucene cases, Elastic cases require you to locate list query files (Shingle Lists, Digest Lists, Word Lists, Fuzzy Hash Lists) on the server instead of installing them in Nuix Workstation user data folders.
You should keep List files by the plugin on each active node in an Elasticsearch cluster. The Lists folder can be a symbolic link. That way all nodes in the cluster can effectively point to the same shared folder and you maintain the lists from a centralized location.
When the plugin is installed, you must manually create the folders and lists under the folder using: <elasticsearch_install>/config/nuix-engine/Lists
Nuix recommends using the following folder names and file extensions:
Shingle Lists: .shlist
Fuzzy Hash Lists: .txt
Digest Lists: .hash
Word Lists: .words
Note: You can create a symbolic link (both on a Linux or a Windows machine) to your Lists folder (`/config/nuix-engine/Lists`) pointing to an external, shared file repository. This centralizes the maintenance of the Lists' files and makes the process much easier than having to manually copy the files to each new node when you need to update them.