How to setup GrayLog using TrueNas Scale

I try to run the docker container using the latest TrueNas Scale version. I did not manage yet.

I hope that someone did manage to get the actual docker image running using TrueNas Scale and is willing to explain how that should/could be done.

Hey @louis

How did you go about setting this up? What documentation did you use and can you show any configuration made?

There is an awful lot of documentation. But I does/did assume that almost every thing is predefined inside the container. Containers are there to keep things simple, … I hope. (I do not have any experience with Kubernetes or Docker)

And I am of course using truenas which does on purpose try to keep things simple. So my hope was and is that I can manage the installation from the truenas gui (at least up to the moment I can access the GrayLog gui.

Before trying to configure / start the container I did two things:

  • I created a dataset intended to store the GrayLog data and settings
  • pulled the container (sha256:77bdf1de0ca65475006664c11c579cbccfdafdc6feb18e049a7d7e06ad7a9ff9 graylog/graylog:5.0.5-1 2023-03-06 14:05:29 538.76 MiB Up to date)

Than I went to TrueNas Apps ‘Launch Docker Image’.

I describe below the things I changed from the defaults:

  • application name: graylog
  • image repository: graylog/graylog
  • image tag: latest
  • container Args: I tested with and without a password secret
    networking host interface ‘vlan100’ interface
    IPAM Type: to keep it simple for the moment I choose Use DHCP (should be a fixed address later on)
    DNS: I tried with and without a DNS (
    Storage Hostpath: the path to the created dataset
    Mount Path: /mnt/GrayLog
    Portal Name: ‘My GrayLog Portal’


=> DEPLOYING (what never stops)

Shell => Containers field is empty !!!
Logs => The Same

Hey Louis,

I’ve not used TrueNAS Scale myself but understand it’s K8’s with a GUI and so Graylog/Mongo/Opensearch should all be able to run.

Have you managed to setup any containerised apps prior to Graylog with TrueNAS, if not i would recommend starting with a simple Ngnix server as this requires little to no configuration outside of exposing a port to your network.

Graylog relies upon Mongo and Elastic, it would be best to have instances of these running before you launch your Graylog container.

While you are correct that in certain ways K8’s simplifies the running of services/apps, if you have no foundational knowledge on the subject it can still be difficult. TrueNAS Scale appears to be a hypervisor, perhaps initially running Graylog on a VM would be an easier approach albeit not quite as satisfying.

Yep, I also consider using a VM. However …

At this moment I am building a new server intended to function as both NAS and VM-server. That did not work in the past year(s), but now TrueNas scale seems to be mature enough to do the job.

At this moment I am ‘evaluating’ multiple options how to setup the ‘NAS/Server’ exactly. Where my actual feeling is:

  • Kubernetes: for things like a media player and e.g. GrayLog (all things which stay inside my home) and
  • all ‘public’ things (webserver, SFTP-server etc) in VM’s
  • just like complete OS’n

But I am not sure, Kubernetes etc are very popular, and certainly interesting if you are dealing with clusters … but also very complex. Second advantage is that it seems to keep software up to date

Which is in opposite to what you read here and there ‘just download a container’ and start it

So, my idea was why not start with GrayLog …
Just as I did run GrayLog as a app in a TrueNas Core Jail in the past …
(app does not install on truenas core at the moment, for unkown reasons)

I’m not sure Graylog utilises the ‘latest’ tag, if a tag is required perhaps try 5.0.

As far as a baseline for configuration options go, you should include the below.

          value: your.value
          value: your.value
          value: -Xms1g -Xmx1g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB
            -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled
            -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow

As part of a launch check Graylog will need to be able to write to a mongo instance, so look to get that spun up along with Opensearch.

I am trying a lot of things at the moment. I tried for instance to get the MongoDB container running on TrueNas. Not really … it runs but the authorization is not working, so not usable yet.

I also tried openSearch … not successful as well, I hardly tried given the MongoDB issue …

At the same time my GrayLog instance in a Jail on TrueNas core FreeBSD, is running again. So given that situation, I stick with my running GrayLog app on core for the moment.

No idea what I am going to do if I solved a couple of other issues, perhaps I retry, perhaps I create a VM what looks a lot simpler