Docker Graylog 2.3 Issues


(Zach) #1

Hello all,
I am running Ubuntu 16.04 LTS, Docker, and Portainer. I have followed the directions on graylog’s Docker setup and have ran into a few issues. Besides their lack of adding ports to the container that need to be opened. I am still persistently getting errors on certain pages. Error 500 or 400 depending on the page.

I get errors when trying to do certain things:
Adding Stream Rules

Creating Stream Rule failed with status: Error: cannot POST http://graylog2:9000/api/streams/59838a32cff47e0001a77436/rules (400)
Viewing Search Results
Loading field information failed with status: cannot GET http://graylog2:9000/api/system/fields (500)
and Loading the Index Sets page
Fetching index sets list failed: Unable to read information for indices [graylog_*]

Has anyone setup Graylog2 on Docker before and can give me their run commands for graylog. I have tested Elasticsearch and it is working and the mongo database is persisting my data.
I noticed that on some of the docker install pages it asks for Mongo:2 vs Mongo:3. Has Elasticsearch been update beyond v2?


(Jochen) #2

What’s in the logs of Graylog and Elasticsearch?


(Zach) #3

I didn’t look. I just installed the 2.2.3 version and everything works as the documentation suggests. Has anyone else tried this. I don’t have the time to invest to trying to install it the 4th time. I tried it on 3 separate VM’s and even starting from scratch. 2.3 doesn’t seem to work on docker.

Here is the write-up that i did after i got it installed and working with 2.2.3"

sudo docker run --name some-mongo --restart unless-stopped -p 27017:27017 -v /graylog/data/mongo:/data/db -d mongo:3
sudo docker run --name some-elasticsearch --restart unless-stopped -p 9200:9200 -p 9300:9300 -v /graylog/data/elasticsearch:/usr/share/elasticsearch/data -d elasticsearch:2 elasticsearch -Des.cluster.name="graylog"

Create Password SHA2
echo -n yourpassword | shasum -a 256

Create Persisting Log Data
sudo mkdir /graylog/config
cd /graylog/config
sudo wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.2/docker/config/graylog.conf
sudo wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.2/docker/config/log4j2.xml

Install Graylog
sudo docker run --link some-mongo:mongo --link some-elasticsearch:elasticsearch --restart unless-stopped -p 9000:9000 -p 12201:12201 -p 514:514 -p 5044:5044 -v /graylog/data/journal:/usr/share/graylog/data/journal -v /graylog/config:/usr/share/graylog/data/config -e GRAYLOG_PASSWORD_SECRET='<passwordsecret>' -e GRAYLOG_ROOT_PASSWORD_SHA2=<HASHHERE> -e GRAYLOG_WEB_ENDPOINT_URI="http://<servername or ip>:9000/api" -d graylog2/server:2.2.3-1


(system) #4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.