STEP 4: Install Graylog 2.0
Download and install the latest Graylog repository in our system so we can use yum to install the software.
|
1 2 |
rpm -Uvh https://packages.graylog2.org/repo/packagehttps://rootcommand.com/wp-admin/post.php?post=346&action=edit#s/graylog-2.0-repository_latest.rpm yum install -y graylog-server |
After the installation, we need to generate the secret keys. We will be using pwgen to generate the random keys for the Graylog configuration.
|
1 2 3 4 5 6 7 |
SECRET=$(pwgen -s 96 1) sudo -E sed -i -e 's/password_secret =.*/password_secret = '$SECRET'/' /etc/graylog/server/server.conf # Web Interface Admin Password PASSWORD=$(echo -n password | sha256sum | awk '{print $1}') sudo -E sed -i -e 's/root_password_sha2 =.*/root_password_sha2 = '$PASSWORD'/' /etc/graylog/server/server.conf |
Note: The admin password is set on the 5th line. Be sure to change password inĀ echo -n password.
Open the configuration file vim /etc/graylog/server/server. and edit the following:
|
1 2 3 4 5 |
rest_transport_uri = http://127.0.0.1:12900/ elasticsearch_shards = 1 elasticsearch_cluster_name = graylog elasticsearch_discovery_zen_ping_multicast_enabled = false elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300 |
Run Graylog server
|
1 2 |
service graylog-server start chkconfig graylog-server on |
Allow Graylog server to initialize for a few minutes. Afterwards, check if Graylog Web Interface is already bound to port 9000.
|
1 2 3 4 |
netstat -pnlt | grep ":9000" # Output tcp 0 0 :::9000 :::* LISTEN 23854/java |
Test it out and explore its options by going to
http://Graylog_IP_Address:9000
where Graylog_IP_Address is your Graylog server’s IP address or localhost if you installed it in your local machine.
