Problems with Graylog Docker image

can somebody point me to a step by step docker instalation of graylog ! i been struggling with this server for a good minute :slight_smile:

Maybe you should invest more than 60 seconds?

Did you follow the documentation at
If so, which step doesn’t work for you?

i may be dumb :slight_smile: following the docs but to much go there for this and go there for that ? been looking around, not a single step by step docker tutorial install why ?

What exactly are you missing? At which point do you struggle?

If you’re looking for a monolithic Graylog installation with all its dependencies, take a look at the virtual machine appliance:

thanks for trying to help ! i may have played with to much environnement variables ! i don’t want to use the virtual machine appliance, i already got a vm running as a vpn server connecting a brunch of routers i need to get logs from. i will start all over the configuration. but where is the tutorial from a to z :slight_smile:

that’s my docker-compopse.yml file contents for my graylog 2.3-beta with es 5.*:

version: '2'
  image: "mongo"
   - /graylog/data/mongo:/data/db
   - /graylog/data/mongobackup:/backup
  restart: always 
  image: "elasticsearch:5.4.0-alpine"
  command: ""
  restart: always
   - /graylog/data/elasticsearch:/usr/share/elasticsearch/data
   - /graylog/plugins/elasticsearch:/usr/share/elasticsearch/plugins
   - 9300:9300
   - 9200:9200
  cpuset: 3-5
  mem_limit: 1536m
  image: "graylog2/server:2.3.0-beta.1-2"
   - /graylog/data/journal:/usr/share/graylog/data/journal
   - /graylog/config:/usr/share/graylog/data/config:ro
  restart: always
  cpuset: 0-2
  mem_limit: 2g
   - 5044:5044
   - 9000:9000
   - 12900:12900
   - 514:514/udp
   - 514:514
   - 12201:12201/udp
   - 12201:12201
  image: "kibana:5.4.2"
   - /docker/kibana/:/kibana/config
  restart: always
#  ports:
#    - 5601:5601
   - elasticsearch
 image: "beevelop/nginx-basic-auth"
 restart: always
  HTPASSWD: 'admin:<redacted>'
  - kibana:web
  - 5601:80
  - kibana

as you can see it contains kibana for pretty and light graphs and dashboards, kibana in this case is secured by http-auth proxy, also, as you probably noticed, you’ll have to generate passwords, for me (50-500 msg/s) given memory constraints are enough, YMMV :slight_smile:

your set up look nice ! did you ever write about it on a blog or something ? i read we can also make logstash work alongside graylog . Sorry i need thing to be more verbose since i’m a french guy :slight_smile:

nope, i haven’t write about it anywhere, just here, i’m not a blogger kind of guy:) of course you can use logstash to convert some log messages to graylog readable format, i used it to convert cisco netflow to gelf, when i was using 1.3, now we don’t have cisco devices, and it seems graylog supports netflow in out of the box now

can someone explain to me this errors please ? thanks

hello guys,

finally got graylog running :slight_smile: what is the latest graylog image for docker ? i used graylog2/server:2.2.1-1 as in the doc and graylog system say is an outdated version.

if i want to add my email server should i modifiy my docker compose file and launch it again or i can do it differently?

why graylog doesn’t come with the ability to add webhooks link to send notification alerts to slack like for example ?

thanks for the reply

See Docker

Yes, you should change the settings (environment variables) in your docker-compose.yml file.

Because functionality only few users require are best implemented in plugins, e. g. the NEW Marketplace - Graylog Community

ok thanks !

so how can i add this plugin to my installation ? i’m such a newbie :slight_smile:

Please read the documentation for the Docker image:

i wish i could fully understand this part of the doc :joy:

you really gotta be a system admin to use graylog ! :sleepy:

You don’t need to be a system admin to use Graylog, but you need to know quite a lot about IT to be able to set it up.

Sure !
i got my graylog server on aws ec2 instance ! it run now and i’m able to get log from localhost !

i try to connect a node to the private ip of the instance but the node fail to run ! what i missed ? It say i cannot bind to this address.

i got the idea of getting logs from my others instances in the same vpc than graylog server.

also running pritunl server ( next to graylog to connect some routers to the instance by vpn and communicate with other app installed in the instance (working great) !, i wish to get logs from them too

really try to own all my data. everything private !!! :rofl:

Without any specific information it’s not possible to help you.

everything look like working now from the others aws instances to the routers behind vpn logs going to graylog !


really hard to understand at first but graylog is a great, great software! :joy:

only the slack plugin integration missing now and i’m free ! :persevere:

1 Like

Help ! Integrate Slack With my Graylog docker Image PLEASE !!! :pray: