Step: 3 Install Dependencies

In Step 3 of our Graylog User’s Journey, what dependencies did you install?

  • Specifically, what additional files, components, or software packages did you need to install to work with Graylog?
  • How well did the installations go?
  • Did you encounter any issues during this step? If so, how did you resolve them?

Pick up another point for your response to this question.

GEOIP:

  • If you want to use GeoIP you definitely need the MaxMind DB database and to set up correct file permissions.
  • You have to create a free account on the MaxMind website to download the required files, which changed recently. After that, place the downloaded file in the Graylog directory /etc/graylog/server/.
  • Don’t forget to set up correct ownership for the downloaded file, so Graylog can read it. Change owner and group to graylog using this command:
    sudo chown graylog:graylog /etc/graylog/server/GeoLite2-City.mmdb
  • Installation of GeoIP is very smooth if you follow one of these nice blog posts:
    How to Set Up Graylog GeoIP Configuration | Graylog
    Implementing Geolocation with Graylog Pipelines | Graylog

HTTPie:

  • It is a nice HTTP client when you play with the REST API; it’s much simpler than curl.
    https://httpie.io/

Whois lookup

  • If you try to use the whois lookup table, don’t forget to enable TCP port 43 on your firewall from the Graylog box to the internet.
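One way to check the result of the GeoIP steps in the reply above, as an added example that is not part of the original post or of Graylog's own tooling. It assumes the service account and group are both named graylog, as in the chown command, and that a valid file contains the `MaxMind.com` metadata marker of the MaxMind DB format; `check_geoip_db` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: verify that a GeoLite2 database is usable by the Graylog
# service account. The user and group default to "graylog" (assumption
# taken from the chown command in the post).
# Usage: check_geoip_db FILE [USER] [GROUP]; returns 0 only if all checks pass.
check_geoip_db() {
    db=$1
    user=${2:-graylog}
    group=${3:-graylog}
    rc=0

    if [ ! -f "$db" ]; then
        echo "FAIL: $db is not a regular file"
        return 1
    fi

    # Ownership as set by the chown step (find prints the path only on a match).
    if [ -z "$(find "$db" -prune -user "$user" -group "$group" 2>/dev/null)" ]; then
        echo "FAIL: $db is not owned by $user:$group"
        rc=1
    fi

    # The owner needs the read bit, otherwise the lookup cannot load the file.
    if [ -z "$(find "$db" -prune -perm -400)" ]; then
        echo "FAIL: owner has no read permission on $db"
        rc=1
    fi

    # A world-writable database lets any local user alter lookup results.
    if [ -n "$(find "$db" -prune -perm -002)" ]; then
        echo "FAIL: $db is world-writable"
        rc=1
    fi

    # MaxMind DB files carry a metadata marker containing "MaxMind.com";
    # a still-compressed archive or a saved HTML page will not have it.
    if ! LC_ALL=C grep -q 'MaxMind.com' "$db"; then
        echo "FAIL: $db has no MaxMind DB metadata marker"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: $db"; fi
    return "$rc"
}
```

On the Graylog host it would be called as `check_geoip_db /etc/graylog/server/GeoLite2-City.mmdb`.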