Graylog is an open-source log management tool that helps you store and analyze machine logs centrally. A Graylog setup consists of three components: Graylog server, Elasticsearch, and MongoDB.

Here, we will see how to install Graylog on Ubuntu 20.04.

Install Java

A Graylog setup requires Java version 8 or higher. You can use either OpenJDK or Oracle JDK on your machine.


Here, I will use OpenJDK 11.

sudo apt update

sudo apt install -y apt-transport-https openjdk-11-jre-headless uuid-runtime pwgen curl dirmngr

Verify the Java version after installing OpenJDK.

java -version

Output:

openjdk version "11.0.8" 2020-07-14
OpenJDK Runtime Environment (build 11.0.8+10-post-Ubuntu-0ubuntu120.04)
OpenJDK 64-Bit Server VM (build 11.0.8+10-post-Ubuntu-0ubuntu120.04, mixed mode, sharing)

Install Elasticsearch

Elasticsearch stores logs coming from external sources and offers real-time distributed search and analytics through a RESTful web interface.

Download and install the GPG signing key.

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Set up the Elasticsearch repository on your system by running the below command.

echo "deb https://artifacts.elastic.co/packages/oss-6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list

Update the repository cache and then install the Elasticsearch package.

sudo apt update

sudo apt install -y elasticsearch-oss

Edit the Elasticsearch configuration file to set the cluster name for the Graylog setup.

sudo nano /etc/elasticsearch/elasticsearch.yml

Set the cluster name to graylog, as shown below.

cluster.name: graylog

Then, uncomment the line below.

action.auto_create_index: false

Start the Elasticsearch service so that it reads the new configuration.

sudo systemctl daemon-reload

sudo systemctl start elasticsearch

sudo systemctl enable elasticsearch

Wait at least a minute to let Elasticsearch start fully.

Elasticsearch should now be listening on port 9200. Use the curl command to check Elasticsearch's response.

curl -X GET http://localhost:9200

Ensure the output has the cluster name, graylog.

Output:

{
  "name" : "vQklpl4",
  "cluster_name" : "graylog",
  "cluster_uuid" : "jLztxJoOROK-XuZkoKJr6A",
  "version" : {
    "number" : "6.8.11",
    "build_flavor" : "oss",
    "build_type" : "deb",
    "build_hash" : "00bf386",
    "build_date" : "2020-07-09T19:08:08.940669Z",
    "build_snapshot" : false,
    "lucene_version" : "7.7.3",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}
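The checks above can be scripted. The following is an added example, not part of the original guide: it confirms that both settings are active (uncommented) in elasticsearch.yml and polls the node until it reports the graylog cluster name instead of waiting a fixed minute. The function names and the 90-second timeout are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): post-install checks for the
# Elasticsearch settings changed above. Function names are illustrative.

# Succeeds only if both settings are active (uncommented) in the given file.
check_es_yml() {
    local file="$1" rc=0
    grep -Eq '^[[:space:]]*cluster\.name:[[:space:]]*graylog[[:space:]]*$' "$file" ||
        { echo "FAIL: cluster.name is not set to graylog in $file" >&2; rc=1; }
    grep -Eq '^[[:space:]]*action\.auto_create_index:[[:space:]]*false[[:space:]]*$' "$file" ||
        { echo "FAIL: action.auto_create_index is not set to false in $file" >&2; rc=1; }
    return "$rc"
}

# Reads the JSON returned by "curl http://localhost:9200" on stdin and prints
# the value of cluster_name (empty output if the field is missing).
cluster_name_from_json() {
    sed -n 's/.*"cluster_name"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1
}

# Polls the node until it reports the expected cluster name or the timeout
# (in seconds) expires, instead of sleeping for a fixed minute.
wait_for_cluster() {
    local url="$1" expected="$2" timeout="${3:-90}" waited=0 name
    while [ "$waited" -lt "$timeout" ]; do
        name="$(curl -fsS --max-time 5 "$url" 2>/dev/null | cluster_name_from_json)"
        [ "$name" = "$expected" ] && return 0
        sleep 5
        waited=$((waited + 5))
    done
    echo "FAIL: $url did not report cluster_name=$expected within ${timeout}s" >&2
    return 1
}

# Live check against the path and URL used in this guide; runs only with --run.
if [ "${1:-}" = "--run" ]; then
    check_es_yml /etc/elasticsearch/elasticsearch.yml &&
        wait_for_cluster http://localhost:9200 graylog 90
fi
```

Run the script with --run on the Elasticsearch host after the systemctl steps; a non-zero exit status means one of the checks failed.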
