Support #435

Updated by Daniel Curtis over 10 years ago

h3. Prerequisites 

 You will need the following environment: 
 * Debian Linux 
 * 2GB RAM (I ran into issues using less) 
 * 80GB HD 

 You will need to have the following services installed on either the host you are running graylog2-server on or on dedicated machines: 
 # ElasticSearch v0.90.10 
 # MongoDB (the most recent stable version possible, at least v2.0) 

 h3. Vagrant Box available 

 * https://github.com/hggh/graylog2-vagrant 

 h2. Install Graylog2 

 * Install a few Debian dependencies: 
 <pre> 
 apt-get install mongodb-server openjdk-7-jre-headless uuid-runtime adduser pwgen 
 </pre> 

 * Install Elasticsearch from Upstream 
 <pre> 
 wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-0.90.10.deb 
 dpkg -i elasticsearch-0.90.10.deb 
 </pre> 
 #* Configure Elasticsearch: 
 <pre> 
 vi /etc/elasticsearch/elasticsearch.yml 
 </pre> 
 #* Add to configuration: 
 > cluster.name: graylog2 

 h3. Install Graylog2 Packages 

 * Install GPG Key from Jonas Genannt GPG Stats: 
 <pre> 
 apt-key adv --keyserver pgp.surfnet.nl --recv-keys 016CFFD0 
 </pre> 

 * Add the Graylog2 APT repository: 
 <pre> 
 echo 'deb http://finja.brachium-system.net/~jonas/packages/graylog2_repro/ wheezy main' > /etc/apt/sources.list.d/graylog2.list 
 </pre> 

 * Install Graylog2 Packages: 
 <pre> 
 apt-get update && apt-get install graylog2-server graylog2-web 
 </pre> 

 * Install Graylog2 Stream Dashboard: 
 <pre> 
 apt-get install graylog2-stream-dashboard 
 </pre> 

 * OR: manually download deb files: http://finja.brachium-system.net/~jonas/packages/graylog2/ 

 h3. Enable Graylog2 init script 

 * Graylog2 Server 
 <pre> 
 sed -i 's@no@yes@' /etc/default/graylog2-server 
 </pre> 

 * Graylog2 Webinterface 
 <pre> 
 sed -i 's@no@yes@' /etc/default/graylog2-web 
 </pre> 

 h3. Configuration of Graylog2 

 * Edit the Graylog2 server configuration and set the following parameters: 
 <pre> 
 vi /etc/graylog2/server/server.conf 
 </pre> 
 > password_secret 
 > root_password_sha2 
 #* To generate the "password_secret", run: 
 <pre> 
 pwgen -s 96 
 </pre> 
 #* To generate the "root_password_sha2", run: 
 <pre> 
 echo -n SuperSecretPassword | shasum -a 256 
 </pre> 

 * Edit the Graylog2 web server parameters: 
 <pre> 
 vi /etc/graylog2/web/graylog2-web-interface.conf 
 </pre> 
 > graylog2-server.uris="http://127.0.0.1:12900/" 
 > application.secret="" 
 #* To generate the "application.secret", run: 
 <pre> 
 pwgen -s 96 
 </pre> 

 h3. Start the Graylog2 services 

 * Graylog2 Server 
 <pre> 
 service graylog2-server start 
 </pre> 

 * Graylog2 Webinterface 
 <pre> 
 service graylog2-web start 
 </pre> 

 * Elasticsearch 
 <pre> 
 service elasticsearch start 
 </pre>  

 * Now it's time to access the web interface. Open a web browser and navigate to: 
 http://localhost:9000/ 
 #* Username: admin 
 #* Password: the password whose SHA-256 hash is set as root_password_sha2 in /etc/graylog2/server/server.conf 

 Graylog2 official documentation 

 http://support.torch.sh/help/kb/graylog2-web-interface/installing-graylog2-web-interface-v0200-previewx-on-nix-systems 

 h2. Resources 

 * https://gist.github.com/hggh/7492598 
 * http://support.torch.sh/help/kb/graylog2-server/installing-graylog2-server-v020x-on-nix-systems 
 * https://wiki.joyent.com/wiki/display/jpc2/Installing+Elasticsearch+From+Source+on+SmartOS 
 * http://www.elasticsearch.org/downloads/0-90-10/
