I am trying to set up Graylog on Ubuntu 14.04. I tried to find installation steps on the internet and found a few links, but their method of installation is manual, I mean installation from source. I don't want to follow installation from source because the posts are old, some are talking about graylog2 (I could not find the difference between normal graylog and graylog2), and their source package is old, so their configuration files do not match the latest configuration files.
So I decided to set up the latest Graylog from the official documentation at http://docs.graylog.org/en/1.0/pages/installation.html#ubuntu-14-04
I have installed the latest mongodb and elasticsearch.
After that I followed the steps to install graylog-server and graylog-web from the official documentation.
$ wget https://packages.graylog2.org/repo/packages/graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo dpkg -i graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo apt-get install apt-transport-https
$ sudo apt-get update
$ sudo apt-get install graylog-server graylog-web
I am able to see configuration files after installation
/etc/graylog/server/server.conf
/etc/graylog/web/web.conf
I am able to see other files at
/usr/share/graylog-server
/usr/share/graylog-server/bin
/usr/share/graylog-server/graylog.jar
/usr/share/graylog-web
/usr/share/graylog-web/bin/
/usr/share/graylog-web/conf
I configured /etc/graylog/server/server.conf
and /etc/elasticsearch/elasticsearch.yml
with the help of https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04 and am able to run graylog-server by running
java -jar /usr/share/graylog-server/graylog.jar server
this shows me
Started REST API at <http://127.0.0.1:12900/>
Graylog server up and running.
After that I do not understand how to set up graylog-server and graylog-web properly because these steps are not complete. I would appreciate it if someone could give clean steps for a proper setup. Thanks in advance.
Best Answer
I am writing the steps to set up graylog-server and graylog-web from the repository. graylog-web is the web-based frontend to Graylog.
/etc/elasticsearch/elasticsearch.yml sample setting is
cluster.name: graylog-production
network.bind_host: 0.0.0.0
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["127.0.0.1:9300"]
script.disable_dynamic: true
now restart elasticsearch by
sudo service elasticsearch restart
Now install graylog-server and graylog-web
first set up the Graylog repository
$ wget https://packages.graylog2.org/repo/packages/graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo dpkg -i graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo apt-get install apt-transport-https
$ sudo apt-get update
now we can install graylog-server and graylog-web by apt-get
$ sudo apt-get install graylog-server graylog-web
/etc/graylog/server/server.conf
follow https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04 and http://docs.graylog.org/en/1.0/pages/installation.html#ubuntu-14-04 for settings.
see sample setting file at http://paste.ubuntu.com/12426568/
java -jar /usr/share/graylog-server/graylog.jar server
if it's running then you will see the lines
Started REST API at <http://127.0.0.1:12900/>
Graylog server up and running.
/etc/graylog/web/web.conf
to /usr/share/graylog-web/conf/web.conf
and give values graylog2-server.uris="http://127.0.0.1:12900/"
and set application.secret
sudo /usr/share/graylog-web/bin/graylog-web-interface
or by sudo start graylog-web
http://localhost:9000
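
As an added example that is not part of the original answer: a small shell audit of the two files the answer edits, flagging the network.bind_host: 0.0.0.0 setting, a missing script.disable_dynamic: true, and an unset graylog2-server.uris or application.secret. The function names and sample files are constructed for illustration, and the file-permission check on web.conf is this example's own assumption about what is worth checking.

```shell
#!/usr/bin/env bash
# Added example: audit elasticsearch.yml and web.conf after following the steps above.

# Print the last value assigned to KEY in FILE. Handles "key: value"
# (elasticsearch.yml) and key="value" (web.conf); commented-out lines are ignored.
conf_get() {
  local key
  key=$(printf '%s' "$2" | sed 's/\./\\./g')   # dots in the key are literal
  sed -n -E "s/^[[:space:]]*${key}[[:space:]]*[:=][[:space:]]*//p" "$1" |
    sed -E 's/[[:space:]]+$//; s/^"(.*)"$/\1/' | tail -n 1
}

# Print one WARN line per finding; print nothing when no check fires.
audit_graylog() {
  local es="$1" web="$2"
  if [ "$(conf_get "$es" network.bind_host)" = "0.0.0.0" ]; then
    echo "WARN $es: network.bind_host is 0.0.0.0, Elasticsearch listens on every interface"
  fi
  if [ "$(conf_get "$es" script.disable_dynamic)" != "true" ]; then
    echo "WARN $es: script.disable_dynamic is not true"
  fi
  if [ -z "$(conf_get "$web" graylog2-server.uris)" ]; then
    echo "WARN $web: graylog2-server.uris is not set"
  fi
  if [ -z "$(conf_get "$web" application.secret)" ]; then
    echo "WARN $web: application.secret is empty or missing"
  fi
  if [ -n "$(find "$web" -perm -004)" ]; then
    echo "WARN $web: world-readable, application.secret is visible to every local user"
  fi
}

# Demo on constructed sample files; on a real host pass the installed
# elasticsearch.yml and web.conf paths instead.
demo() {
  local d
  d=$(mktemp -d)
  printf '%s\n' 'cluster.name: graylog-production' 'network.bind_host: 0.0.0.0' \
    'script.disable_dynamic: true' > "$d/elasticsearch.yml"
  printf '%s\n' 'graylog2-server.uris="http://127.0.0.1:12900/"' \
    'application.secret=""' > "$d/web.conf"
  chmod 600 "$d/web.conf"
  audit_graylog "$d/elasticsearch.yml" "$d/web.conf"
  rm -rf "$d"
}
demo
```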