How to install and setup graylog-server and graylog-web on Ubuntu from repository?

14.04 log
14,017

I am writing steps to setup graylog-server and graylog-web from repository. graylog-web is webbased frontend to graylog.

  1. mongodb and elasticsearch are the dependencies so we have to install these first.
  2. now configure elasticsearch e.g. edit /etc/elasticsearch/elasticsearch.yml
    sample setting is
    cluster.name: graylog-production
    network.bind_host: 0.0.0.0
    discovery.zen.ping.multicast.enabled: false
    discovery.zen.ping.unicast.hosts: ["127.0.0.1:9300"]
    script.disable_dynamic: true

  3. now restart elasticsearch by sudo service elasticsearch restart

  4. Now install graylog-server and graylog-web
    first setup graylog repository
    $ wget https://packages.graylog2.org/repo/packages/graylog-1.0-repository-ubuntu14.04_latest.deb
    $ sudo dpkg -i graylog-1.0-repository-ubuntu14.04_latest.deb
    $ sudo apt-get install apt-transport-https
    $ sudo apt-get update
    now we can install graylog-server and graylog-web by apt-get
    $ sudo apt-get install graylog-server graylog-web

  5. Now graylog-server has installed, we need to configure setting e.g. edit file /etc/graylog/server/server.conf
    follow https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04 and http://docs.graylog.org/en/1.0/pages/installation.html#ubuntu-14-04 for settings.
    see sample setting file at http://paste.ubuntu.com/12426568/
  6. check if graylog-server is running or not
    java -jar /usr/share/graylog-server/graylog.jar server
    if its running then you will see lines
    Started REST API at <http://127.0.0.1:12900/
    Graylog server up and running.
  7. Now if graylog-server is running fine then you re ready to setup graylog-web. we have already installed it so now copy /etc/graylog/web/web.conf to /usr/share/graylog-web/conf/web.conf and give values
    graylog2-server.uris="http://127.0.0.1:12900/" and set application.secret
  8. we are done now, so lets start graylog-web
    sudo /usr/share/graylog-web/bin/graylog-web-interface or by sudo start graylog-web
  9. check by opening http://localhost:9000
Share:
14,017

Related videos on Youtube

Alok
Author by

Alok

Updated on September 18, 2022

Comments

  • Alok
    Alok over 1 year

    I am trying to setup graylog on Ubuntu 14.04. I tried to find out installation steps on internet I found few links. but their method of installation is manual I mean installation from the source. and I don't want to follow installation from source because posts are old, some are talking about graylog2(I could not found difference between normal graylog and graylog2), their source package is old so there configuration files are not matching with latest configuration files.

    so I decided to setup latest greylog from official documentation at http://docs.graylog.org/en/1.0/pages/installation.html#ubuntu-14-04

    I have installed latest mongodb and elasticsearch.
    after that I followed steps to install graylog-server and graylog-web from official documentation. 

    $ wget https://packages.graylog2.org/repo/packages/graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo dpkg -i graylog-1.0-repository-ubuntu14.04_latest.deb
$ sudo apt-get install apt-transport-https
$ sudo apt-get update
$ sudo apt-get install graylog-server graylog-web

    I am able to see configuration files after installation

    /etc/graylog/server/server.conf
/etc/graylog/web/web.conf

    I am able to see other files at 

    /usr/share/graylog-server
/usr/share/graylog-server/bin
/usr/share/graylog-server/graylog.jar
/usr/share/graylog-web
/usr/share/graylog-web/bin/
/usr/share/graylog-web/conf

    I configured /etc/graylog/server/server.conf and /etc/elasticsearch/elasticsearch.yml with help of https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04 and able to run graylog-server by running 

    java -jar /usr/share/graylog-server/graylog.jar server

    this shows me 

    Started REST API at <http://127.0.0.1:12900/
Graylog server up and running.

    After that I am not understanding how to setup graylog-server and graylog-web properly because these steps are not complete. I will appreciate if someone could give clean steps for proper setup. thanks in advance

    • Alok
      Alok almost 9 years
      please someone add tag graylog to my post
    • A.B.
      A.B. almost 9 years
      Open the URL 127.0.0.1:12900 in your browser.
    • Alok
      Alok almost 9 years
      @A.B. its showing {"type":"ApiError","message":"HTTP 404 Not Found"}
    • A.B.
      A.B. almost 9 years
      You've completed all the steps of the guide?
    • Alok
      Alok almost 9 years
      no, I completed till what I have mentioned in post because author is setting up from source and I am setting up from repository

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

/var/log/secure not present in 14.04 ,is there any alternative?
Ubuntu 14.04 - logrotate does not rotate /var/log/* (rsyslog config)
Is it safe to delete btmp from log on ubuntu 14.04 rackapace server?
Ubuntu crash - how to read log files
Accidentally deleted /var/log/syslog
Redirect UFW logs to own file?
Where does Ubuntu 14.04 log SSH access attempts?
/var/log/mail.log getting huge
How do I change my cron loglevel to 7 from default value 1?
Touchpad not working on Acer Aspire One Cloudbook 11