CentOS 7 Graylog安装

Posted 2020-12-29

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了CentOS 7 Graylog安装相关的知识，希望对你有一定的参考价值。

系统环境

本环境中的实验均未开启Selinux和防火墙

# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core) 
# uname -r
3.10.0-862.3.2.el7.x86_64

安装

安装java环境

# yum install java-1.8.0-openjdk-headless.x86_64

添加MongoDB源并安装服务

# vim /etc/yum.repos.d/mongodb-org-3.6.repo

[mongodb-org-3.6]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.6/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc

# yum install -y mongodb-org

开启服务并加入开机启动

# systemctl enable mongod.service
# systemctl start mongod.service

添加Elasticsearch源并安装服务

vim /etc/yum.repos.d/elasticsearch.repo

[elasticsearch-5.x]
name=Elasticsearch repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

# yum install elasticsearch

更改Elasticsearch配置文件elasticsearch.yml

vim /etc/elasticsearch/elasticsearch.yml

将集群名字改为graylog，且去掉前面的“#”

cluster.name:graylog

安装Graylog

# rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.rpm

# yum install graylog-server

更改Graylog配置文件/etc/graylog/server/server.conf

# vim /etc/graylog/server/server.conf

password_secret  #设置登录密码(密码要输入4次)
如：password_secret = 123456123456123456123456

echo -n yourpassword | sha256sum #加密方式
将上面输入的密码进行加密，然后把加密的密文复制到root_password_sha2后面，如下

root_password_sha2 #加密密码
如：root_password_sha2 = 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92

rest_listen_uri = http://内网IP:9000/

web_listen_uri = http://内网IP:9000/ 

web_endpoint_uri = http://外网IP:9000/api/ # 若无外网，则填写内网IP

elasticsearch_index_prefix = graylog #Elasticsearch索引名称，必须与Elasticsearch配置文件里集群名称(cluster.name)一致

root_timezone = Asia/Shanghai #时区配置

allow_highlighting = true #高亮显示

配置邮箱

# Email transport
transport_email_enabled = true
transport_email_hostname = smtp.163.com
transport_email_port = 465
transport_email_use_auth = true
transport_email_use_tls = true
transport_email_use_ssl = true
transport_email_auth_username = [email protected]
transport_email_auth_password = xxxx
transport_email_subject_prefix = [graylog]
transport_email_from_email = [email protected]

以上是关于CentOS 7 Graylog安装的主要内容，如果未能解决你的问题，请参考以下文章

Graylog 部署（Centos 6/7+ MongoDB3* + Graylog 3.2 + Elasticsearch6* ）

Centos7 安装Graylog 5.0收集网络设备运行日志

Centos 安装 graylog

sh RHEL / CentOS 6的graylog2安装脚本

开源日志服务器Graylog检测网络设备故障

graylog安装