Monday, July 17, 2017

0

Graylog 2.3 installation with Elasticsearch5.5.X

  • Monday, July 17, 2017
  • I am going to install Graylog server 2.3  in Ubuntu 14.
    For graylog setup we need to install following Mongo DB and ElasticSearch.Image result for graylog2
    First install oracle jdk 8

    sudo apt-get install python-software-properties
    sudo add-apt-repository ppa:webupd8team/java
    sudo apt-get update

    Oracle JDK 8:

    sudo apt-get install oracle-java8-installer

    To check : $ java -version

    Next Elasticsearch :

    From graylog 2.3 it is supporting elasticsearch 5.X

    Download and install the Debian package

    $wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.5.0.deb
    $sha1sum elasticsearch-5.5.0.deb
    $sudo dpkg -i elasticsearch-5.5.0.deb
    $sudo update-rc.d elasticsearch defaults 95 10

    Elasticsearch can be started and stopped using the service command:

    $sudo -i service elasticsearch start
    $sudo -i service elasticsearch stop

    Install MongoDB
    Import the public key used by the package management system
    $sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6

    Create a /etc/apt/sources.list.d/mongodb-enterprise.list file for MongoDB
    $echo "deb [ arch=amd64 ] http://repo.mongodb.com/apt/ubuntu trusty/mongodb-enterprise/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list
    $sudo apt-get update
    $sudo apt-get install -y mongodb-enterprise

    Graylog
    $wget https://packages.graylog2.org/repo/packages/graylog-2.3-repository_latest.deb
    $dpkg -i graylog-2.3-repository_latest.deb
    $sudo apt-get update && sudo apt-get install graylog-server

    For  Graylog authentication  to set username password by below steps: 
    $cd /etc/graylog/server/
    $vi server.conf
    $apt-get install pwgen
     $pwgen -N 1 -s 96

    You ll get like below ..past in server.conf
     a9ft39dMEPTmZlXOFTM4tXiD7V02StfYVNodJlgA0XmeMofVh5B3CwgngAVXXjJrJLtdiRHzG0ouI4LabzuZ7mUNH1gWSBUA

    For password try below steps here admin is my password
     $echo -n admin | sha256sum
     8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6rf2ab48a918

    Then save the above changes and start graylog server
     service graylog-server start
    open
    http://localhost:9000  you will get below page give login credentials which you given in graylog server.conf file
    Image result for graylog login page

    Read more...

    Subscribe