graylog日志系统-安装教程(一)

oakcdrom0条评论 1,405 次浏览

概述

系统:CentOS8.2 mini

软件要求
Graylog offers official DEB and RPM package repositories. The packages have been tested on the following operating systems:

  • Ubuntu 16.04, 18.04, 20.04
  • Debian 8, 9, 10
  • RHEL/CentOS 6, 7, 8

预先准备环境

  • Java ( >= 8 )
  • Elasticsearch (5.x or 6.x)
  • MongoDB (3.6, 4.0 or 4.2)

Graylog 3 不支持 Elasticsearch 7.x!

开始安装

1. 安装java

使用命令:#yum install java-1.8.0-openjdk-headless.x86_64 -y

2. 安装pwgen

使用命令: #yum install epel-release && yum install pwgen -y

3. 安装MongoDB

编辑yum源#vim /etc/yum.repos.d/mongodb-org.repo内容如下:

[mongodb-org-4.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc

安装命令:#yum install mongodb-org -y,设置启动项,并启用MongoDB服务。

#systemctl daemon-reload
#systemctl enable mongod.service
#systemctl start mongod.service
#systemctl --type=service --state=active | grep mongod

4. 安装Elasticsearch

插入密钥#rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch,编辑yum源#vim /etc/yum.repos.d/elasticsearch.repo,内容如下:

[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/oss-6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

安装命令:#yum install elasticsearch-oss -y.

手动修改配置文件/etc/elasticsearch/elasticsearch.yml或者使用命令:

#tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <<EOT
cluster.name: graylog
action.auto_create_index: false
EOT

设置启动项,并启用Elasticsearch服务。

#systemctl daemon-reload
#systemctl enable elasticsearch.service
#systemctl restart elasticsearch.service
#systemctl --type=service --state=active | grep elasticsearch

5. 安装Graylog

5.1 可选项:安装包含组件打graylog,输入命令:

#rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-3.3-repository_latest.rpm
#yum update && sudo yum install graylog-server graylog-enterprise-plugins graylog-integrations-plugins graylog-enterprise-integrations-plugins -y

5.2 或者简单安装,输入命令:#yum install graylog-server -y
5.3 生成password_secret密码,#pwgen -N 1 -s 96
5.4 生成root_password_sha2密码,#echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1
5.5 修改配置文件#vim /etc/graylog/server/server.conf添加password_secretroot_password_sha2,把上面生成到加密信息,填写到相应到选项。
5.6 启动服务,设置开机启动项

#systemctl daemon-reload
#systemctl enable graylog-server.service
#systemctl start graylog-server.service
#systemctl --type=service --state=active | grep graylog

测试

输入ip:9000,账号:root 密码:就是上面生成的。
file
file


发表评论

? razz sad evil ! smile oops grin eek shock ??? cool lol mad twisted roll wink idea arrow neutral cry mrgreen