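# Refresh the package index, then install the Java 8 runtime and the helper
# tools used later on this page (pwgen for the Graylog secret, curl for the
# Elasticsearch checks, dirmngr for fetching repository keys).
# The original had both commands fused on one line, which passes
# "sudo apt install ..." to "apt update" as arguments instead of running it.
sudo apt update
sudo apt install -y apt-transport-https openjdk-8-jre-headless uuid-runtime pwgen curl dirmngr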
Verify the Java version.
# Confirm which Java runtime the install step put on the PATH.
java -version
Output:
openjdk version "1.8.0_191" OpenJDK Runtime Environment (build 1.8.0_191-8u191-b12-2ubuntu0.18.04.1-b12) OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)
Install Elasticsearch
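# Import Elastic's package-signing key so APT can verify the packages.
# NOTE(review): apt-key adds the key to the global trusted set, so it is
# accepted for every configured APT source, and apt-key is deprecated on newer
# Ubuntu releases; a per-repository keyring referenced with signed-by= is the
# narrower replacement there.
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

# Register the Elasticsearch 6.x repository. tee overwrites the file (no -a),
# so re-running this step does not append a duplicate entry.
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-6.x.list

# Two separate commands; fused on one line, "apt update" would receive
# "sudo apt install ..." as arguments and nothing would be installed.
sudo apt update
sudo apt install -y elasticsearch

# Start Elasticsearch automatically at boot.
sudo systemctl enable elasticsearch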
# Open the Elasticsearch configuration file.
sudo nano /etc/elasticsearch/elasticsearch.yml
# Line to set inside elasticsearch.yml (the later health output shows this name):
cluster.name: graylog
# Restart so the new cluster name takes effect.
sudo systemctl restart elasticsearch
# The request below is answered without any credentials, so whoever can reach
# port 9200 can query this node. Keep Elasticsearch listening on loopback only
# (do not bind it to a public interface) unless authentication and TLS are
# placed in front of it.
curl -X GET http://localhost:9200
Output:
{
"name" : "bgVbYrc",
"cluster_name" : "graylog",
"cluster_uuid" : "-wECQlwnSZWftd_XdWSz-g",
"version" : {
"number" : "6.6.1",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "1fd8f69",
"build_date" : "2019-02-13T17:10:04.160291Z",
"build_snapshot" : false,
"lucene_version" : "7.6.0",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
# Ask the node for its cluster health summary (pretty-printed JSON); check the
# "status" and "number_of_nodes" fields in the reply before moving on.
curl -XGET 'http://localhost:9200/_cluster/health?pretty=true'
Output:
{
"cluster_name" : "graylog",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 1,
"number_of_data_nodes" : 1,
"active_primary_shards" : 0,
"active_shards" : 0,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
Install MongoDB
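# Import MongoDB's package-signing key by its full 40-character fingerprint.
# The keyserver connection is plain HKP on port 80, so the fingerprint is what
# ties the download to the intended key: keep it complete (never a short key
# ID). NOTE(review): compare it with the fingerprint MongoDB publishes for the
# 4.0 series before trusting it.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4

# Register the MongoDB 4.0 repository. Run exactly ONE of the two lines below.
# In the original both were fused onto a single line starting with "###", so
# the shell treated the whole line as a comment and no repository was added.

### Ubuntu 18.04 ###
echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list

### Ubuntu 16.04 ### (uncomment and run this instead of the 18.04 line)
# echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list

# Install MongoDB (two separate commands, fused on one line in the original).
sudo apt update
sudo apt install -y mongodb-org

# Start MongoDB now and enable it at boot.
sudo systemctl start mongod
sudo systemctl enable mongod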
Install Graylog
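# Download Graylog's repository package and install it (the file name
# indicates it sets up the Graylog 3.0 APT repository).
# The original fused wget and dpkg on one line, which hands "sudo", "dpkg",
# "-i" and the file name to wget as extra arguments instead of installing.
# NOTE(review): dpkg -i does not verify a signature on the .deb, so the HTTPS
# connection is the only integrity check on this file; if the publisher
# provides a checksum, compare it before installing.
wget https://packages.graylog2.org/repo/packages/graylog-3.0-repository_latest.deb
sudo dpkg -i graylog-3.0-repository_latest.deb

# Refresh the index so the newly added repository is visible, then install.
sudo apt update
sudo apt install -y graylog-server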
Configure Graylog
# Generate one random 96-character secret (-s selects fully random output).
# Use the value printed by your own run for password_secret; the sample output
# shown on this page is public and must not be reused.
pwgen -N 1 -s 96
Output:
fGoTI07CooB6xNy5sdPVSKSuq6QSu2QyWf6G9z3haolgwbERTQ9ZbfbF6hxRYbJMMAlEZX7CXHxJLBkNyfM0420u8aFuZy9M
# Open the Graylog server configuration.
sudo nano /etc/graylog/server/server.conf
# Line to set inside server.conf. The value below is the page's sample output;
# replace it with the secret generated on your own machine.
# NOTE(review): this file now holds a secret, so confirm it is not world-readable.
password_secret = fGoTI07CooB6xNy5sdPVSKSuq6QSu2QyWf6G9z3haolgwbERTQ9ZbfbF6hxRYbJMMAlEZX7CXHxJLBkNyfM0420u8aFuZy9M
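# Prompt for the admin password instead of typing it on the command line, so
# the cleartext password is not recorded in shell history; -s also keeps it
# off the screen while it is typed.
read -r -s -p 'Enter password: ' graylog_pw && printf '\n'
# Print the SHA-256 hex digest to paste into root_password_sha2. printf '%s'
# hashes the password without a trailing newline (same as echo -n), and cut
# drops the "  -" file-name field that sha256sum appends.
printf '%s' "$graylog_pw" | sha256sum | cut -d' ' -f1
# Drop the cleartext copy from the shell session.
unset graylog_pw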
Output:
e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e951
# Open the Graylog server configuration again and set the lines below.
sudo nano /etc/graylog/server/server.conf
# SHA-256 hex digest produced in the previous step. The value shown is the
# page's sample; use the digest of your own password. This is a plain digest
# of the password, so pick a long, random password.
root_password_sha2 = e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e951
# Contact address and time zone for the built-in admin account.
root_email = "xxx@gmail.com"
root_timezone = UTC
# NOTE(review): presumably marks this node as the master of the Graylog setup; confirm.
is_master = true
# Index sizing and retention limits.
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
# One shard and zero replicas: consistent with the single Elasticsearch node
# shown in the health output, and it means no second copy of the index data.
elasticsearch_shards = 1
elasticsearch_replicas = 0
Setup Graylog web interface
# Open the Graylog server configuration and set the web interface bind address.
sudo nano /etc/graylog/server/server.conf
# Replace your-server-ip with the address the interface should listen on.
# NOTE(review): the page reaches this over plain http://, so the admin login
# would cross the network unencrypted. Limit who can reach port 9000 with a
# firewall and add TLS (a reverse proxy, or Graylog's http_enable_tls
# settings) before exposing it beyond a trusted network.
http_bind_address = your-server-ip:9000
# Apply the configuration and start Graylog at boot.
sudo systemctl restart graylog-server
sudo systemctl enable graylog-server
# Follow the server log until the "up and running" line appears (Ctrl-C to stop).
sudo tail -f /var/log/graylog-server/server.log
Output:
2019-02-22T10:07:49.398+05:30 INFO [ServerBootstrap] Graylog server up and running.
Access Graylog http://your-server-ip:9000
Log in with username admin and the password whose hash you set as root_password_sha2 in server.conf.
Configure Rsyslog
# NOTE(review): unlike the earlier steps these commands have no sudo; they edit
# files under /etc and restart services, so they presumably run as root on the
# Apache host. Confirm, or prefix them with sudo.
# Open the default Apache site configuration.
vi /etc/apache2/sites-available/000-default.conf
# Lines to set inside the site configuration: send the error log to syslog
# facility local6, and pipe the access log (combined format) through logger
# with tag "apache" at priority local6.notice.
ErrorLog syslog:local6
CustomLog "||/usr/bin/logger -t apache -i -p local6.notice" combined
# Open the rsyslog rules file.
vi /etc/rsyslog.d/50-default.conf
# Line to add: "*.*" selects every facility and priority, so all local syslog
# traffic (not only the Apache messages) is forwarded. A single "@" means UDP
# (TCP would be "@@"), and no port is given, so rsyslog's default is used.
# The messages travel unencrypted and unauthenticated; keep this path on a
# trusted network segment, or narrow the selector to what Graylog needs.
# NOTE(review): the page does not show the matching syslog input on the
# Graylog side; confirm one is listening on that address and port.
*.* @192.168.38.142
# Restart both services so the new logging configuration takes effect.
service rsyslog restart
service apache2 restart