I have the OVA working, and data coming in, thanks to the sample config file in the sidecar for nxlog… I know that this appliance is not recommended for production, but I cannot find anywhere where it specifically says why – are there specific packages/features missing which make it risky to use… If we do decide to go with this Graylog platform, do we need to build from scratch, assembling all the parts together inside Ubuntu Server, or can we patch the appliance to make it fully compliant?
Did you trust a virtual computer that you download from somewhere to run your production data on that? Did you comply with all decisions that are made by an unknown person about configuration to make the right choice for your production setup? A person that has never seen your environment?
What will you tell the auditor if he asks you about the system configuration? What will you tell your supervisor if the system crashes but you do not know how to recover?
That is not a question of configuration or missing pieces - it is a question of responsibility to your environment.
EDIT: To answer the question from the headline. We will never guarantee that you will have a working upgrade path with the OVA.
Most likely you will be stuck with the current Graylog major version, at least there was no direct upgrade from 2.5 OVA to v. 3.0. That’s why we migrated from OVA to package installation.
Growth and scalability will also come into play… the OVA has everything on one machine. Elasticsearch and Graylog should be separated for a lot of reasons. Use the OVA for trying out Graylog, arguably for testing or development, but both of those would be better served by smaller instances of your production deployment.
We will continue testing with the OVA, and when the time comes, we will start a ‘legitimate’ build of Graylog. Assume it is alright to run as a VM? If not, this is good to know…
Is there a preferred platform to build upon (I see the OVA is Ubuntu-based) - experience of the group is most helpful here
I run it on CentOS, and at times am glad I am, and other times wish I used Ubuntu. Use what you have experience with; if you don’t have experience with either, I would recommend Ubuntu since most of the documentation examples are sourced from Ubuntu. VM is perfectly fine. Just be sure the hardware underneath is up to the task.