Step: 3 Install Dependencies

In Step 3 of our Graylog User’s Journey, what dependencies did you install?

• Specifically, what additional files, components, or software packages did you need to install to work with Graylog?
• How well did the installations go?
• Did you encounter any issues during this step? If so, how did you resolve them?

Pick up another point for your response to this question.

GEOIP:

• If you want to use GeoIP you definitelly need MaxMind DB database and setup correct file permission.
• You have to create free account in MaxMind website to download required files, which changed recently. After that place downloaded file to graylog directory /etc/graylog/server/.
• Don’t forget to setup correct ownerships for downloaded file, so graylog can read it. Change owner and group to graylog using this command:
  sudo chown graylog:graylog /etc/graylog/server/GeoLite2-City.mmdb
• Installation of GeoIP if very smooth if you follow one of these nice blog posts:
  How to Set Up Graylog GeoIP Configuration | Graylog
  Implementing Geolocation with Graylog Pipelines | Graylog

HTTPie:

• It is nice http client when you play with Rest API, it’s much more simpler than curl.
  https://httpie.io/

Whois lookup

• If you try to use whois lookup table, don’t forget to enable port 43 tcp on your firewall from graylog box to internet.

Hi, I have followed the exact instructions including ‘chown’ but my Data Adapter continues to show “Could not find a MaxMind DB metadata marker in this file (GeoLite2-Country.mmdb) Is this a valid MaxMind DB file?” I dont understand what I am doing wrong. I am using Graylog 5.0.2, please help