Admin: Text replacement - "Category:Wiki" to "Category:Wiki '''''[https://it-arts.net/index.php/Category:Wiki Return to Wiki Index]''''' "

2026-01-17T07:05:47Z

Text replacement - "Category:Wiki" to "Category:Wiki '''''[https://it-arts.net/index.php/Category:Wiki Return to Wiki Index]''''' "

← Older revision		Revision as of 07:05, 17 January 2026
Line 1:		Line 1:
	[[Category:Wiki]]		[[Category:Wiki]]

			'''''[https://it-arts.net/index.php/Category:Wiki Return to Wiki Index]'''''


	== Introduction ==		== Introduction ==

Admin: Created page with "Category:Wiki == Introduction == Graylog is an open-source log management platform that helps you to collect, index, and analyze log data from various sources in real-time. It provides powerful tools for searching, visualizing, and alerting based on log data. This document provides a detailed guide on how to install Graylog on Ubuntu 24.4 and configure it for use. == System Requirements == Before proceeding with the installation of Graylog, ensure that your system..."

2025-12-14T08:42:25Z

Created page with "Category:Wiki == Introduction == Graylog is an open-source log management platform that helps you to collect, index, and analyze log data from various sources in real-time. It provides powerful tools for searching, visualizing, and alerting based on log data. This document provides a detailed guide on how to install Graylog on Ubuntu 24.4 and configure it for use. == System Requirements == Before proceeding with the installation of Graylog, ensure that your system..."

New page

[[Category:Wiki]]

== Introduction ==
Graylog is an open-source log management platform that helps you to collect, index, and analyze log data from various sources in real-time. It provides powerful tools for searching, visualizing, and alerting based on log data. This document provides a detailed guide on how to install Graylog on Ubuntu 24.4 and configure it for use.

== System Requirements ==
Before proceeding with the installation of Graylog, ensure that your system meets the following requirements:

* Ubuntu 24.4 LTS or later
* At least 4GB of RAM
* At least 2 CPUs
* Elasticsearch version 8.x
* MongoDB version 6.x
* Java Runtime Environment (JRE) 11 or later
* OpenJDK 11 or later is recommended

== Prerequisites ==
Before installing Graylog, you will need to set up some essential components:

=== Elasticsearch Setup ===
Graylog uses Elasticsearch as its backend for storing logs. Follow the steps below to install Elasticsearch on Ubuntu 24.4.

<nowiki>
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.x.x-linux-x86_64.tar.gz
tar -xvf elasticsearch-8.x.x-linux-x86_64.tar.gz
cd elasticsearch-8.x.x/
./bin/elasticsearch</nowiki>

Configure Elasticsearch to start as a service:

<nowiki>
sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch</nowiki>

=== MongoDB Setup ===
Graylog also requires MongoDB to store metadata. To install and configure MongoDB on Ubuntu 24.4, use the following commands:

<nowiki>
sudo apt update
sudo apt install -y mongodb
sudo systemctl enable mongodb
sudo systemctl start mongodb</nowiki>

=== Java Runtime Environment ===
Graylog requires Java to run. For optimal performance, install OpenJDK 11 or later:

<nowiki>
sudo apt install openjdk-11-jdk</nowiki>

Verify that Java has been installed correctly:

<nowiki>
java -version</nowiki>

== Installing Graylog ==
After installing the required components, you can install Graylog itself. First, add the Graylog repository:

<nowiki>
wget https://packages.graylog2.org/repo/packages/graylog-4.x.x-repository-1.noarch.rpm
sudo dpkg -i graylog-4.x.x-repository-1.noarch.rpm</nowiki>

Update your apt package list and install Graylog:

<nowiki>
sudo apt update
sudo apt install graylog-server</nowiki>

Once the installation is complete, configure Graylog by editing the configuration file.

== Configuring Graylog ==
Graylog's configuration file is located at `/etc/graylog/server/server.conf`. Below are some important configuration settings:

=== Set Password Secret ===
Graylog uses a password secret for securing communication. Set a password secret by generating a random string:

<nowiki>
openssl rand -base64 32</nowiki>

Paste the generated string in the `password_secret` field in `server.conf`.

=== Set Root Password Hash ===
Graylog requires a root password hash for initial login. You can generate this using the `graylog-password` utility:

<nowiki>
echo -n yourpassword | sha256sum</nowiki>

Copy the generated hash and paste it into the `root_password_sha2` field in `server.conf`.

=== Set the Web Interface URL ===
In the `server.conf` file, you will need to specify the web interface URL:

<nowiki>
http_bind_address = 0.0.0.0:9000</nowiki>

This binds Graylog’s web interface to all available network interfaces on port 9000.

== Starting Graylog ==
Once you've configured Graylog, you can start the Graylog server service:

<nowiki>
sudo systemctl enable graylog-server
sudo systemctl start graylog-server</nowiki>

Check the Graylog server status:

<nowiki>
sudo systemctl status graylog-server</nowiki>

== Accessing the Web Interface ==
Once the server is up and running, you can access the Graylog web interface by opening a browser and navigating to `http://<your_server_ip>:9000`. Log in with the default username `admin` and the password you set in the `root_password_sha2` configuration.

== Post-Installation Configuration ==
After installing and accessing the Graylog web interface, you can proceed with additional configuration such as:

* Setting up inputs to collect logs from various sources.
* Configuring extractors to parse the logs.
* Setting up streams and alerts to monitor log data.
* Integrating with external data sources, like Syslog or Beats.

== Useful Links ==
* [Graylog Documentation](https://docs.graylog.org)
* [Graylog GitHub Repository](https://github.com/Graylog2/graylog2-server)
* [Elasticsearch Installation Guide](https://www.elastic.co/guide/en/elasticsearch/reference/index.html)
* [MongoDB Installation Guide](https://www.mongodb.com/docs/manual/installation/)
* [OpenJDK Installation Guide](https://openjdk.java.net/)

GRAYLOG - Install on Ubuntu 24.4 - Revision history

Admin: Text replacement - "Category:Wiki" to "Category:Wiki '''''[https://it-arts.net/index.php/Category:Wiki Return to Wiki Index]''''' "