I didn’t know where else to post this.
I’ve been working on installing Graylog on Ubuntu 18.04.2 LTS bionic and ran into a lot of problems trying to get elasticsearch up and running. In retrospect I made many mistakes that were my own fault for not just following the installation notes on the docs page
I think that it would be helpful to add some things to that page.
When I read:
Graylog can be used with Elasticsearch 6.x, please follow the installation instructions from the Elasticsearch installation guide:
I immediately went to the elasticsearch site and followed those instructions. It would be helpful to specifically state that you need to install the “oss” repo and version of elasticsearch.
Also, on the elasticsearch site you are told that if you disable the auto creation of indices then you must set:
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
I’m assuming that this is not something that we need to do for Graylog because I had problems starting elasticsearch when I set it.
The other thing that would be very helpful would be to explain that you should set the JAVA_HOME variable in the elasticsearch config file. This will stop the following warning:
warning: Falling back to java on path. This behavior is deprecated. Specify JAVA_HOME
This could be accomplished with:
sed -i “s|.JAVA_HOME.|JAVA_HOME=$(readlink -f /usr/bin/java | sed “s:/jre/bin/java::”)|” /etc/default/elasticsearch