Why is the installation guide so confusing?

mattimac · April 29, 2024, 1:35am

Assume im not familiar with Graylog. Simplest setup - single node, ubuntu 22.04.4 LTS
I have trouble starting the most basic Graylog config, doc is confusing.

How can i know which Graylog version i should choose? Not a word on this in the guide Installing Graylog
How do i know which version of Opensearch to install (and what is actually Opensearch)? Point 5 of the Opensearch installation only provides command how to list the versions available for installation but provide no tips how to choose the proper ones (will all work?)
The guide does not list commands for downloading proper version of Opensearch and setting default password (which i understand is needed later on to give Graylog connection to opensearch).
In result of all this im stuck at
tail -f /var/log/graylog-server/server.log

2024-04-29T01:32:52.681Z INFO  [VersionProbe] OpenSearch/Elasticsearch is not available. Retry #219
2024-04-29T01:32:57.683Z ERROR [VersionProbe] Unable to retrieve version from Elasticsearch node: Failed to connect to /127.0.0.1:9200. - Connection refused.
2024-04-29T01:32:57.683Z INFO  [VersionProbe] OpenSearch/Elasticsearch is not available. Retry #220

would appreciate help and improvements to the guide for Graylog newbies. Around 2-3 years ago i succesfully used the guide to start graylog. Now i am unable to do that.

opensearch apparently not running

× opensearch.service - Opensearch
     Loaded: loaded (/etc/systemd/system/opensearch.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2024-04-29 01:21:54 UTC; 15min ago
       Docs: https://opensearch.org/docs/latest
    Process: 228899 ExecStart=/graylog/opensearch/bin/opensearch (code=exited, status=1/FAILURE)
   Main PID: 228899 (code=exited, status=1/FAILURE)
        CPU: 9.365s

Apr 29 01:21:54 graylog opensearch[228899]:         at org.opensearch.bootstrap.OpenSearch.execute(OpenSearch.java:171)
Apr 29 01:21:54 graylog opensearch[228899]:         at org.opensearch.cli.EnvironmentAwareCommand.execute(EnvironmentAw>
Apr 29 01:21:54 graylog opensearch[228899]:         at org.opensearch.cli.Command.mainWithoutErrorHandling(Command.java>
Apr 29 01:21:54 graylog opensearch[228899]:         at org.opensearch.cli.Command.main(Command.java:101)
Apr 29 01:21:54 graylog opensearch[228899]:         at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:137)
Apr 29 01:21:54 graylog opensearch[228899]:         at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:103)
Apr 29 01:21:54 graylog opensearch[228899]: For complete error details, refer to the log at /var/log/opensearch/graylog>
Apr 29 01:21:54 graylog systemd[1]: opensearch.service: Main process exited, code=exited, status=1/FAILURE
Apr 29 01:21:54 graylog systemd[1]: opensearch.service: Failed with result 'exit-code'.
Apr 29 01:21:54 graylog systemd[1]: opensearch.service: Consumed 9.365s CPU time.

 tail -f /var/log/opensearch/graylog.log
        at org.opensearch.plugins.PluginsService.loadBundle(PluginsService.java:730) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.plugins.PluginsService.loadBundles(PluginsService.java:532) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.plugins.PluginsService.<init>(PluginsService.java:195) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.node.Node.<init>(Node.java:413) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.node.Node.<init>(Node.java:336) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:244) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.bootstrap.Bootstrap.setup(Bootstrap.java:244) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.bootstrap.Bootstrap.init(Bootstrap.java:414) ~[opensearch-2.0.1.jar:2.0.1]
        at org.opensearch.bootstrap.OpenSearch.init(OpenSearch.java:180) ~[opensearch-2.0.1.jar:2.0.1]
        ... 6 more

faen · April 29, 2024, 4:58pm

It seems like this is a brand new install - just install the most recent version.
The guide says Opensearch 1.x or 2.x. I would install the most recent Opensearch 2.x. I’m on Elastic myself and probably need to migrate.
Please check again on this page: Ubuntu Installation

system · May 13, 2024, 4:59pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
What changes are needed for fresh graylog 5. installation to enable opensearch / disable elasticsearch Graylog Central (peer support)	2	1335	January 17, 2023
Graylog version 6 installation on Ubuntu 24.04 Graylog Central (peer support)	2	1590	August 14, 2024
New Ubuntu install - initial setup prompting to configure opensearch? Graylog Central (peer support)	20	685	June 4, 2024
[REQ] Info installation Graylog 4.3 on Ubuntu 22.04 Graylog Central (peer support)	3	1101	June 13, 2022
Ubuntu Install Instructions not working Graylog Central (peer support)	5	527	February 2, 2024

Why is the installation guide so confusing?

Related topics