INSTALL AND CONFIGURE GrayLog2 SERVER ON CENTOS 7
Graylog is an open source log management tool. It can be used to collect, index and analyze logs from remote machines centrally.
Components: -
MongoDB - Stores the configuration and meta information.
Elasticsearch - Stores and indexes the log messages coming from the Graylog server and provides the search facility.
Graylog Server - Collects logs coming from various inputs and provides a web-based interface to manage those logs.
Pre-requisites: -
Elasticsearch is based on Java. Install Oracle Java / OpenJDK.
[root@graylog /]# rpm -Uvh jdk-8u161-linux-x64.rpm
Install Elasticsearch: -
Elasticsearch is an open source tool that provides distributed search, indexing and analytics through a RESTful web interface. Elasticsearch stores all the logs sent by the Graylog server inputs and serves the messages back for display.
Download and install the public signing key.
[root@graylog /]# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
[root@graylog /]# vim /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-5.x]
name=Elasticsearch repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
[root@graylog /]# yum install -y elasticsearch
[root@graylog /]# systemctl daemon-reload
[root@graylog /]# systemctl enable elasticsearch
[root@graylog /]# systemctl start elasticsearch
Configure Elasticsearch: -
Elasticsearch configuration files can be found in /etc/elasticsearch/ directory.
logging.yml – manages the logging of elasticsearch
elasticsearch.yml – main configuration file
Log files are stored in /var/log/elasticsearch/
By default, Elasticsearch:
Binds to all network interfaces (0.0.0.0)
Listens for HTTP traffic on ports 9200 – 9300
Uses ports 9300 – 9400 for internal node-to-node communication
Make the following changes to listen on a specific IP.
[root@graylog /]# vim /etc/elasticsearch/elasticsearch.yml
network.host: 192.168.100.10
The cluster.name is used to discover and auto-join other nodes. Use a unique cluster name to avoid auto-joining other Elasticsearch clusters on the network.
cluster.name: graylog
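Disable dynamic scripting to avoid remote code execution.
script.inline: false
# Elasticsearch 5.x names the stored-script setting script.stored (it was script.indexed in 2.x)
script.stored: false
script.file: false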
[root@graylog /]# systemctl restart elasticsearch.service
Elasticsearch now listens on port 9200 for HTTP requests. Use this command to check whether it is working.
[root@graylog /]# curl -X GET 'http://192.168.100.10:9200'
Check the health of the Elasticsearch server. The status should be "green" for it to work properly.
[root@graylog ~]# curl -XGET 'http://192.168.100.10:9200/_cluster/health?pretty=true'
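To confirm that the edits to elasticsearch.yml are actually in effect, the following added example (not part of the original guide) audits the file for the three changes made above: a specific network.host, a non-default cluster.name, and scripting disabled. The function names yaml_value and audit_es_config are hypothetical; the check accepts script.stored (the 5.x name) as well as script.indexed.

```shell
#!/usr/bin/env bash
# Added example, not from the original guide: check elasticsearch.yml for the
# hardening changes made above. yaml_value/audit_es_config are hypothetical names.

# Print the value of a top-level "key: value" line (last one wins), without
# trailing comments or surrounding quotes. Commented-out keys are ignored.
yaml_value() {  # $1 = file, $2 = key
    local key_re
    key_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key_re}[[:space:]]*:[[:space:]]*//p" "$1" \
        | sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
              -e "s/^[\"']//" -e "s/[\"']\$//" | tail -n 1
}

# Print one FINDING line per problem; return 0 only when there are none.
audit_es_config() {  # $1 = path to elasticsearch.yml
    local file=$1 n=0 host name keys k val
    host=$(yaml_value "$file" network.host)
    case "$host" in
        "")           echo "FINDING: network.host is not set to a specific address"; n=$((n+1)) ;;
        0.0.0.0|"::") echo "FINDING: network.host=$host listens on every interface"; n=$((n+1)) ;;
    esac
    name=$(yaml_value "$file" cluster.name)
    if [ -z "$name" ] || [ "$name" = "elasticsearch" ]; then
        echo "FINDING: cluster.name is unset or still the default 'elasticsearch'"; n=$((n+1))
    fi
    # Stored scripts: 5.x names the key script.stored, 2.x used script.indexed.
    for keys in script.inline "script.stored script.indexed" script.file; do
        val=""
        for k in $keys; do [ -n "$val" ] || val=$(yaml_value "$file" "$k"); done
        if [ "$val" != "false" ]; then
            echo "FINDING: ${keys%% *} is not set to false"; n=$((n+1))
        fi
    done
    [ "$n" -eq 0 ]
}

# Run against a file when one is given, e.g. /etc/elasticsearch/elasticsearch.yml
if [ -n "${1:-}" ]; then audit_es_config "$1"; fi
```

Save it as a script and pass the path to elasticsearch.yml as the first argument; a non-zero exit status means at least one finding was printed.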
Install MongoDB: -
Create MongoDB yum repository.
[root@graylog /]# vi /etc/yum.repos.d/mongodb-org-3.2.repo
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc
[root@graylog ~]# yum install -y mongodb-org
SELinux Configuration for MongoDB
[root@graylog ~]# yum -y install policycoreutils-python
Configure SELinux to allow MongoDB to start.
[root@graylog ~]# semanage port -a -t mongod_port_t -p tcp 27017
Enable and Start MongoDB Service
[root@graylog /]# systemctl enable mongod.service
[root@graylog /]# systemctl start mongod.service
Install Graylog2: -
Graylog-server accepts and processes the log messages received from various inputs and displays the data through the Graylog web interface.
[root@graylog /]# rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.rpm
[root@graylog /]# yum install graylog-server