1.官网地址 Industry Leading Log Management | Graylog
安装文档连接 Operating System Packages – Installing Graylog
jdk安装见另一篇文章
mongoDB安装
vim /etc/yum.repos.d/mongodb-org.repo [mongodb-org-4.2] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc安装 sudo yum install mongodb-org 启动 sudo systemctl daemon-reload sudo systemctl enable mongod.service sudo systemctl start mongod.service sudo systemctl --type=service --state=active | grep mongodes安装
首先安装Elastic GPG密钥,然后添加包含以下内容的存储库文件中,graylog4.1采用的是elasticsearch7.x版本
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch touch /etc/yum.repos.d/elasticsearch.repo vim /etc/yum.repos.d/elasticsearch.repo [elasticsearch-7.x] name=Elasticsearch repository for 7.x packages baseurl=https://artifacts.elastic.co/packages/oss-7.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md随后安装最新版本
sudo yum install elasticsearch-oss修改elasticsearch的配置文件
vim /etc/elasticsearch/elasticsearch.yml 修改 cluster.name: graylog 最后一行新增 action.auto_create_index: false启动es
sudo systemctl daemon-reload sudo systemctl enable elasticsearch.service sudo systemctl restart elasticsearch.service sudo systemctl --type=service --state=active | grep elasticsearch修改elasticsearch的jvm配置,按实际物理机器可用分配内存配置 vim /etc/elasticsearch/jvm.options 初始化内存 -Xms1g 最小内存 -Xmx1ggraylog安装
sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-4.0-repository_latest.rpm最简单安装
sudo yum install graylog-server集成众多插件安装
sudo yum install graylog-server graylog-enterprise-plugins graylog-integrations-plugins graylog-enterprise-integrations-plugins安装epel软件仓库
yum install epel-release安装pwgen生成密码
yum install pwgen生成password_secret密码
[root@graylog mydata]# pwgen -N 1 -s 96 aSWvfG4xcs9Hvt9F5D8loE5bPWfuH3zhwHS2aSv0tpGC1BLRn87pj37sYQIxxyea8tFRlPLy0ce4jITy6Bq5RUO4BGVEBO4r生成root_password_sha2密码 (Web登录时所需要使用的密码)
[root@graylog mydata]# echo -n "Enter Password: " && head -1 修改配置文件
vim /etc/graylog/server/server.conf password_secret = aSWvfG4xcs9Hvt9F5D8loE5bPWfuH3zhwHS2aSv0tpGC1BLRn87pj37sYQIxxyea8tFRlPLy0ce4jITy6Bq5RUO4BGVEBO4r Web登录时所需要使用的密码 root_password_sha2 = 24889f9abcf227d18ed564ced121b17e58265cc5373e8bbb03fc72f2b64782c7 配置时区 root_timezone = Asia/Shanghai 绑定ip地址 http_bind_address = 0.0.0.0:9000 # 配置外网地址,我这里用了域名+nginx做反向代理,所以外网地址如下。没有的话就直接就用外网ip+port,如:http://外网ip:9000/ http_publish_uri = http://graylog.example.com/ # http_external_uri = http://graylog.example.com/ 单节点的话,此配置不需要配置,默认使用http_publish_uri 由于ES是单节点,修改分片设置为 1 elasticsearch_shards = 1 elasticsearch_replicas = 0 查询结果高亮 allow_highlighting = true 邮件预警配置 邮件预警配置 transport_email_enabled = true transport_email_hostname = smtp.exmail..com transport_email_port = 465 transport_email_use_auth = true transport_email_auth_username = transport_email_auth_password = xxxxx transport_email_subject_prefix = [graylog] transport_email_from_email = transport_email_use_tls = false transport_email_use_ssl = true 可选http通知 transport_email_web_interface_url = http://graylog.example.com 其他可选配置 # elasticsearch 相关配置 elasticsearch_hosts = http://127.0.0.1:9200 elasticsearch_shards =1 elasticsearch_replicas = 0 # mongodb 连接配置,这里直接本机起的mongodb,没有设置验证 mongodb_uri = mongodb://localhost/graylog为java执行目录建立软连接
ln -s /usr/local/jdk1.8.0_191/bin/java /usr/bin/java或者
# 启动需要手动设置Java路径 vim /etc/sysconfig/graylog-server --------------------------------------------------------------------------------- JAVA=/usr/local/jdk1.8.0_191/bin/java ---------------------------------------------------------------------------------日志目录
tail -50f /var/log/graylog-server/server.log tail -50f /var/log/messages启动
sudo systemctl daemon-reload sudo systemctl enable graylog-server.service sudo systemctl start graylog-server.service sudo systemctl --type=service --state=active | grep graylog版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请联系我们举报,一经查实,本站将立刻删除。
发布者:全栈程序员-站长,转载请注明出处:https://javaforall.net/200516.html原文链接:https://javaforall.net
