Monday, July 17, 2017
Graylog 2.3 installation with Elasticsearch 5.5.X
I am going to install Graylog server 2.3 on Ubuntu 14.
Graylog needs MongoDB and Elasticsearch, so we install both as part of the setup.
First, install Oracle JDK 8:
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
Oracle JDK 8:
sudo apt-get install oracle-java8-installer
To check:
$ java -version
Next, Elasticsearch:
Graylog supports Elasticsearch 5.x from version 2.3 onwards.
Download the Debian package, compare the sha1sum output with the SHA-1 checksum Elastic publishes for the package, and install it:
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.5.0.deb
$ sha1sum elasticsearch-5.5.0.deb
$ sudo dpkg -i elasticsearch-5.5.0.deb
$ sudo update-rc.d elasticsearch defaults 95 10
Elasticsearch can be started and stopped using the service command:
$ sudo -i service elasticsearch start
$ sudo -i service elasticsearch stop
Install MongoDB
Import the public key used by the package management system:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6
Create the /etc/apt/sources.list.d/mongodb-enterprise.list file for MongoDB:
$ echo "deb [ arch=amd64 ] http://repo.mongodb.com/apt/ubuntu trusty/mongodb-enterprise/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list
$ sudo apt-get update
$ sudo apt-get install -y mongodb-enterprise
Graylog
$ wget https://packages.graylog2.org/repo/packages/graylog-2.3-repository_latest.deb
$ sudo dpkg -i graylog-2.3-repository_latest.deb
$ sudo apt-get update && sudo apt-get install graylog-server
To set the username and password for Graylog authentication, follow the steps below:
$ cd /etc/graylog/server/
$ sudo vi server.conf
$ sudo apt-get install pwgen
$ pwgen -N 1 -s 96
You will get output like the line below; paste it into server.conf:
a9ft39dMEPTmZlXOFTM4tXiD7V02StfYVNodJlgA0XmeMofVh5B3CwgngAVXXjJrJLtdiRHzG0ouI4LabzuZ7mUNH1gWSBUA
For the password, use the step below; here admin is my password:
$ echo -n admin | sha256sum
8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
Then save the above changes and start the Graylog server:
$ sudo service graylog-server start
Open http://localhost:9000. You will get the login page; log in with the credentials you set in the Graylog server.conf file.
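The authentication steps above as one script, added here as an example and not part of the original post: it reads the password from stdin rather than typing it into a command, generates the 96-character secret, and writes both values to the config file. The setting names password_secret and root_password_sha2, the sample file contents and the 12-character minimum are assumptions not stated in the post.

```shell
#!/bin/sh
# Added example, not from the original post. Assumption: the two settings in
# server.conf are named password_secret and root_password_sha2.

# SHA-256 hex digest of the string given as $1.
hash_password() {
    printf '%s' "$1" | sha256sum | cut -d' ' -f1
}

# 96-character random secret: pwgen as in the post, /dev/urandom otherwise.
gen_secret() {
    if command -v pwgen >/dev/null 2>&1; then
        pwgen -N 1 -s 96
    else
        LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 96
    fi
}

# Drop any existing "key = ..." line from file $1, then append key $2 = value $3.
set_conf_key() {
    tmp=$(mktemp) || return 1
    grep -v "^$2 *=" "$1" >"$tmp" || [ $? -eq 1 ] || return 1
    printf '%s = %s\n' "$2" "$3" >>"$tmp"
    cat "$tmp" >"$1" && rm -f "$tmp"
}

# Read the admin password from stdin and write both settings to file $1.
# Passwords under 12 characters are refused (threshold chosen for this example).
configure_auth() {
    IFS= read -r pw || [ -n "$pw" ] || return 1
    [ "${#pw}" -ge 12 ] || { echo "password too short" >&2; return 1; }
    set_conf_key "$1" password_secret "$(gen_secret)" &&
        set_conf_key "$1" root_password_sha2 "$(hash_password "$pw")"
}

# Demo on a constructed sample file, not a real server.conf.
demo() {
    conf=$(mktemp)
    printf 'is_master = true\npassword_secret =\nroot_password_sha2 =\n' >"$conf"
    printf 'constructed-demo-passphrase\n' | configure_auth "$conf" && cat "$conf"
    rm -f "$conf"
}
demo
```

For a real install, drop the demo call and run configure_auth /etc/graylog/server/server.conf as root, entering the password on stdin.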