Hello
Perhaps these posts.
Don’t be fooled by the naming convention of these posts, I do see commands that would be able to help.
- Docker image: admin password can't be changed after the first start · Issue #53 · Graylog2/graylog2-images · GitHub
- How to change admin password for Docker after initial start (persisted data)?
- Login problem with GrayLog after installation - Docker Compose
To sum it up, You need to reset the Admin password. This is done only by reconfiguring the Graylog server configuration file. This is where the hashed password is locate.
Example:
Graylog comes with a default configuration that works out of the box but you have to set a password for the admin user. Also the web interface needs to know how to connect from your browser to the Graylog API. Both can be done via environment variables.
-e GRAYLOG_PASSWORD_SECRET=somepasswordpepper
-e GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
-e GRAYLOG_WEB_ENDPOINT_URI="http://127.0.0.1:9000/api"
In this case you can login to Graylog with the user and password admin. Generate your own password with this command:
$ echo -n yourpassword | shasum -a 256
This all can be put in a docker-compose file, like:
version: '2'
services:
some-mongo:
image: "mongo:3"
some-elasticsearch:
image: "elasticsearch:6"
command: "elasticsearch -Des.cluster.name='graylog'"
graylog:
image: graylog2/server:4.x.x.x
environment:
GRAYLOG_PASSWORD_SECRET: somepasswordpepper
GRAYLOG_ROOT_PASSWORD_SHA2: 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
GRAYLOG_WEB_ENDPOINT_URI: http://127.0.0.1:9000/api
links:
- some-mongo:mongo
- some-elasticsearch:elasticsearch
ports:
- "9000:9000"
After starting the three containers with docker-compose up open your browser with the URL http://127.0.0.1:9000 and login with admin:some_password
Hope that helps