can somebody point me to a step by step docker instalation of graylog ! i been struggling with this server for a good minute
Maybe you should invest more than 60 seconds?
Did you follow the documentation at http://docs.graylog.org/en/2.2/pages/installation/docker.html?
If so, which step doesn’t work for you?
i may be dumb following the docs but to much go there for this and go there for that ? been looking around, not a single step by step docker tutorial install why ?
What exactly are you missing? At which point do you struggle?
If you’re looking for a monolithic Graylog installation with all its dependencies, take a look at the virtual machine appliance: http://docs.graylog.org/en/2.2/pages/installation/virtual_machine_appliances.html
thanks for trying to help ! i may have played with to much environnement variables ! i don’t want to use the virtual machine appliance, i already got a vm running as a vpn server connecting a brunch of routers i need to get logs from. i will start all over the configuration. but where is the tutorial from a to z
docker-compopse.yml file contents for my graylog 2.3-beta with es 5.*:
version: '2' services: mongo: image: "mongo" volumes: - /graylog/data/mongo:/data/db - /graylog/data/mongobackup:/backup restart: always elasticsearch: image: "elasticsearch:5.4.0-alpine" command: "-Ecluster.name=graylog" restart: always volumes: - /graylog/data/elasticsearch:/usr/share/elasticsearch/data - /graylog/plugins/elasticsearch:/usr/share/elasticsearch/plugins ports: - 9300:9300 - 9200:9200 cpuset: 3-5 mem_limit: 1536m server: image: "graylog2/server:2.3.0-beta.1-2" volumes: - /graylog/data/journal:/usr/share/graylog/data/journal - /graylog/config:/usr/share/graylog/data/config:ro restart: always cpuset: 0-2 mem_limit: 2g environment: GRAYLOG_PASSWORD_SECRET: "<redacted>" GRAYLOG_ROOT_PASSWORD_SHA2: "<redacted>" GRAYLOG_REST_TRANSPORT_URI: "http://192.168.0.135:12900" ports: - 5044:5044 - 9000:9000 - 12900:12900 - 514:514/udp - 514:514 - 12201:12201/udp - 12201:12201 kibana: image: "kibana:5.4.2" volumes: - /docker/kibana/:/kibana/config restart: always # ports: # - 5601:5601 depends_on: - elasticsearch auth: image: "beevelop/nginx-basic-auth" restart: always environment: HTPASSWD: 'admin:<redacted>' FORWARD_PORT: 5601 links: - kibana:web ports: - 5601:80 depends_on: - kibana
as you can see it contains kibana for pretty and light graphs and dashboards, kibana in this case is secured by http-auth proxy, also, as you probably noticed, you’ll have to generate passwords, for me (50-500 msg/s) given memory constraints are enough, YMMV
your set up look nice ! did you ever write about it on a blog or something ? i read we can also make logstash work alongside graylog . Sorry i need thing to be more verbose since i’m a french guy
nope, i haven’t write about it anywhere, just here, i’m not a blogger kind of guy:) of course you can use logstash to convert some log messages to graylog readable format, i used it to convert cisco netflow to gelf, when i was using 1.3, now we don’t have cisco devices, and it seems graylog supports netflow in out of the box now
finally got graylog running what is the latest graylog image for docker ? i used graylog2/server:2.2.1-1 as in the doc and graylog system say is an outdated version.
if i want to add my email server should i modifiy my docker compose file and launch it again or i can do it differently?
why graylog doesn’t come with the ability to add webhooks link to send notification alerts to slack like for example ?
thanks for the reply
Yes, you should change the settings (environment variables) in your
Because functionality only few users require are best implemented in plugins, e. g. https://marketplace.graylog.org/addons/2b7c3403-60d8-488e-b4be-79364bde1634
ok thanks !
so how can i add this plugin to my installation ? i’m such a newbie
Please read the documentation for the Docker image: http://docs.graylog.org/en/2.2/pages/installation/docker.html#plugins
i wish i could fully understand this part of the doc
you really gotta be a system admin to use graylog !
You don’t need to be a system admin to use Graylog, but you need to know quite a lot about IT to be able to set it up.
i got my graylog server on aws ec2 instance ! it run now and i’m able to get log from localhost !
i try to connect a node to the private ip of the instance but the node fail to run ! what i missed ? It say i cannot bind to this address.
i got the idea of getting logs from my others instances in the same vpc than graylog server.
also running pritunl server (pritunl.com) next to graylog to connect some routers to the instance by vpn and communicate with other app installed in the instance (working great) !, i wish to get logs from them too
really try to own all my data. everything private !!!
Without any specific information it’s not possible to help you.
everything look like working now from the others aws instances to the routers behind vpn logs going to graylog !
thanks for everything ! I JUST NEED TO KEEP LEARNING AND STOP CRYING LIKE A BABY ! .
really hard to understand at first but graylog is a great, great software!
only the slack plugin integration missing now and i’m free !
Help ! Integrate Slack With my Graylog docker Image PLEASE !!!