Monday, July 17, 2017

0

Graylog installation

  • Monday, July 17, 2017
  • Share
  • I am going to install Graylog server in Ubuntu 14.
    For graylog setup we need to install following Mongo DB and ElasticSearch.

    First install oracle jdk 8

    sudo apt-get install python-software-properties
    sudo add-apt-repository ppa:webupd8team/java
    sudo apt-get update

    Oracle JDK 8:

    sudo apt-get install oracle-java8-installer

    To check : $ java -version

    Next Elasticsearch :

    From graylog 2.3 it is supporting elasticsearch 5.X

    Download and install the Debian package

    wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.5.0.deb
    sha1sum elasticsearch-5.5.0.deb
    sudo dpkg -i elasticsearch-5.5.0.deb
    sudo update-rc.d elasticsearch defaults 95 10
    Elasticsearch can be started and stopped using the service command:

    sudo -i service elasticsearch start
    sudo -i service elasticsearch stop

    Install MongoDB
    Import the public key used by the package management system
    sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6
    Create a /etc/apt/sources.list.d/mongodb-enterprise.list file for MongoDB
    echo "deb [ arch=amd64 ] http://repo.mongodb.com/apt/ubuntu trusty/mongodb-enterprise/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list
    sudo apt-get update
    sudo apt-get install -y mongodb-enterprise

    Graylog
    wget https://packages.graylog2.org/repo/packages/graylog-2.3-repository_latest.deb
    dpkg -i graylog-2.3-repository_latest.deb
    sudo apt-get update && sudo apt-get install graylog-server

    For  Graylog authentication  to set username password by below steps: 
    cd /etc/graylog/server/
    vi server.conf
    apt-get install pwgen
     pwgen -N 1 -s 96
    You ll get like below ..past in server.conf
     a9ft39dMEPTmZlXOFTM4tXiD7V02StfYVNodJlgA0XmeMofVh5B3CwgngAVXXjJrJLtdiRHzG0ouI4LabzuZ7mUNH1gWSBUA
    For password try below steps here admin is my password
     echo -n admin | sha256sum
     8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6rf2ab48a918

    Then save the above changes and start graylog server
     service graylog-server start
     

    0 Responses to “Graylog installation ”

    Subscribe