Ubuntu – How to install and set up graylog-server and graylog-web on Ubuntu from repository


I am trying to set up Graylog on Ubuntu 14.04. I looked for installation steps on the internet and found a few links, but their method of installation is manual, I mean installation from source. I don't want to install from source because the posts are old, some are talking about graylog2 (I could not find the difference between normal graylog and graylog2), and their source package is old, so their configuration files do not match the latest configuration files.

So I decided to set up the latest Graylog from the official documentation at http://docs.graylog.org/en/1.0/pages/installation.html#ubuntu-14-04

I have installed the latest mongodb and elasticsearch.
After that I followed the steps to install graylog-server and graylog-web from the official documentation.

$ wget https://packages.graylog2.org/repo/packages/graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo dpkg -i graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo apt-get install apt-transport-https
$ sudo apt-get update
$ sudo apt-get install graylog-server graylog-web

I am able to see configuration files after installation

/etc/graylog/server/server.conf
/etc/graylog/web/web.conf

I am able to see other files at

/usr/share/graylog-server
/usr/share/graylog-server/bin
/usr/share/graylog-server/graylog.jar
/usr/share/graylog-web
/usr/share/graylog-web/bin/
/usr/share/graylog-web/conf

I configured /etc/graylog/server/server.conf and /etc/elasticsearch/elasticsearch.yml with the help of https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04 and am able to run graylog-server by running

java -jar /usr/share/graylog-server/graylog.jar server

This shows me

Started REST API at <http://127.0.0.1:12900/>
Graylog server up and running.

After that I do not understand how to set up graylog-server and graylog-web properly because these steps are not complete. I would appreciate it if someone could give clean steps for a proper setup. Thanks in advance.

Best Answer

I am writing the steps to set up graylog-server and graylog-web from the repository. graylog-web is the web-based frontend to Graylog.

  1. mongodb and elasticsearch are the dependencies, so we have to install these first.
  2. Now configure elasticsearch, e.g. edit /etc/elasticsearch/elasticsearch.yml
    A sample setting is:
    cluster.name: graylog-production
    network.bind_host: 0.0.0.0
    discovery.zen.ping.multicast.enabled: false
    discovery.zen.ping.unicast.hosts: ["127.0.0.1:9300"]
    script.disable_dynamic: true
  3. Now restart elasticsearch with sudo service elasticsearch restart

  4. Now install graylog-server and graylog-web.
    First set up the graylog repository:
    $ wget https://packages.graylog2.org/repo/packages/graylog-1.0-repository-ubuntu14.04_latest.deb
    $ sudo dpkg -i graylog-1.0-repository-ubuntu14.04_latest.deb
    $ sudo apt-get install apt-transport-https
    $ sudo apt-get update
    Now we can install graylog-server and graylog-web with apt-get:
    $ sudo apt-get install graylog-server graylog-web

  5. Now that graylog-server is installed, we need to configure its settings, e.g. edit the file /etc/graylog/server/server.conf
    Follow https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04 and http://docs.graylog.org/en/1.0/pages/installation.html#ubuntu-14-04 for settings.
    See a sample settings file at http://paste.ubuntu.com/12426568/
  6. Check whether graylog-server is running or not:
    java -jar /usr/share/graylog-server/graylog.jar server
    If it's running then you will see the lines
    Started REST API at <http://127.0.0.1:12900/>
    Graylog server up and running.
  7. Now if graylog-server is running fine then you are ready to set up graylog-web. We have already installed it, so now copy /etc/graylog/web/web.conf to /usr/share/graylog-web/conf/web.conf and give values
    graylog2-server.uris="http://127.0.0.1:12900/" and set application.secret
  8. We are done now, so let's start graylog-web:
    sudo /usr/share/graylog-web/bin/graylog-web-interface or with sudo start graylog-web
  9. Check by opening http://localhost:9000
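
A check for the settings named in steps 2 and 7, added here as an example and not part of the original answer or of Graylog: it reads elasticsearch.yml and web.conf and reports a bind address of 0.0.0.0, dynamic scripting left enabled, a missing or short application.secret, and an unset graylog2-server.uris. The function names, the 32-character minimum and the sample files are assumptions made for this example.

```shell
#!/bin/sh
MIN_SECRET_LEN=32   # assumed threshold for this example, not a Graylog rule

# val FILE KEY SEP -> last uncommented value for KEY (SEP is ":" or "=")
val() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*$3[[:space:]]*//p" "$1" |
        tail -n 1 | tr -d '"' | sed 's/[[:space:]]*$//'
}

# audit_graylog ELASTICSEARCH_YML WEB_CONF
# Prints one FINDING line per problem; exit status is 0 only when there are none.
audit_graylog() {
    es=$1; web=$2; rc=0
    if [ "$(val "$es" network.bind_host :)" = "0.0.0.0" ]; then
        echo "FINDING: network.bind_host is 0.0.0.0, Elasticsearch listens on every interface; bind to a private address or firewall ports 9200 and 9300"; rc=1
    fi
    if [ "$(val "$es" script.disable_dynamic :)" != "true" ]; then
        echo "FINDING: script.disable_dynamic is not true"; rc=1
    fi
    secret=$(val "$web" application.secret =)
    if [ "${#secret}" -lt "$MIN_SECRET_LEN" ]; then
        echo "FINDING: application.secret is empty or under $MIN_SECRET_LEN characters"; rc=1
    fi
    case "$(val "$web" graylog2-server.uris =)" in
        http://*|https://*) ;;
        *) echo "FINDING: graylog2-server.uris is not an http(s) URI"; rc=1 ;;
    esac
    return "$rc"
}

# write_samples DIR: constructed sample files; the YAML is the step 2 sample
write_samples() {
    cat > "$1/elasticsearch.yml" <<'EOF'
cluster.name: graylog-production
network.bind_host: 0.0.0.0
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["127.0.0.1:9300"]
script.disable_dynamic: true
EOF
    cat > "$1/web.conf" <<'EOF'
graylog2-server.uris="http://127.0.0.1:12900/"
application.secret=""
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
audit_graylog "$dir/elasticsearch.yml" "$dir/web.conf" || echo "review the findings above"
rm -rf "$dir"
```

On a real host, pass /etc/elasticsearch/elasticsearch.yml and /usr/share/graylog-web/conf/web.conf as the two arguments.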