diff --git a/install/group_vars/all.yml b/install/group_vars/all.yml
index 444b513..666a2e4 100644
--- a/install/group_vars/all.yml
+++ b/install/group_vars/all.yml
@@ -2,7 +2,7 @@
 
 # Default Ansible user
 # change this if you use a non-root user for running Ansible playbooks
-ansible_system_user: root
+ansible_system_user: ec2-user
 
 # EPEL Repository for extra packages
 epel_repo: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
diff --git a/install/roles/elasticsearch/tasks/main.yml b/install/roles/elasticsearch/tasks/main.yml
index 9e4814f..6861901 100644
--- a/install/roles/elasticsearch/tasks/main.yml
+++ b/install/roles/elasticsearch/tasks/main.yml
@@ -18,12 +18,13 @@
     mode=0644
   become: true
 
+# Added java-1.8.0 limitation.  Known issue: #with java10 I get these error :Unrecognized VM option 'UseParNewGC' #9316
 - name: Install elasticsearch and openjdk
   yum: name={{ item }} state=present
   become: true
   with_items:
     - elasticsearch
-    - java-openjdk-headless
+    - java-1.8.0-openjdk-headless
 
 - name: Copy templated elasticsearch.yml
   template:
@@ -80,7 +81,7 @@
   register: elasticsearch_updated
 
 - name: Apply workaround for java listening port
-  raw: setcap 'cap_net_bind_service=+ep' /usr/lib/jvm/java-1.8.*openjdk-*/jre/bin/java
+  raw: setcap 'cap_net_bind_service=+ep' /usr/lib/jvm/jre/bin/java
   become: true
 
 # https://www.centos.org/forums/viewtopic.php?t=16398
diff --git a/install/roles/kibana/tasks/main.yml b/install/roles/kibana/tasks/main.yml
index 20a76cc..7a15e5d 100644
--- a/install/roles/kibana/tasks/main.yml
+++ b/install/roles/kibana/tasks/main.yml
@@ -142,6 +142,17 @@
   when: (logging_backend != 'fluentd')
   become: true
 
+# Workaround for known logstash issue 'Missing systemd scripts in 6.2.4 #9403'
+- name: Check status of systemd logstash.service
+  stat:
+    path: /etc/systemd/system/logstash.service
+  register: logstash_service_status
+
+- name: Create logstash service if it doesn't already exists
+  shell: /usr/share/logstash/bin/system-install /etc/logstash/startup.options systemd
+  become: true
+  when: logstash_service_status.stat.exists == false
+
 # We are in the kibana playbook but starting logstash here now
 # This is needed because perms should be set on certificates before
 # logstash references them for filebeat SSL connections.