2022 | Graylog Install-Free-Open source|Centralized Log Management-Syslog-Monitor pfSense-Unifi

Published: 06 October 2024
on channel: FOSS DOM

#Install OpenJDK

sudo add-apt-repository universe
sudo apt-get update && sudo apt-get upgrade -y
sudo apt-get install apt-transport-https openjdk-11-jre-headless uuid-runtime pwgen -y

#Install Elasticsearch

wget -qO - https://artifacts.elastic.co/GPG-KEY-... | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages... stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
sudo apt-get update && sudo apt-get install elasticsearch-oss
sudo nano /etc/elasticsearch/elasticsearch.yml
Add these two lines to the end of the file.

cluster.name: graylog
action.auto_create_index: false

Save with Ctrl+O, then exit nano with Ctrl+X.

sudo systemctl daemon-reload
sudo systemctl restart elasticsearch
sudo systemctl enable elasticsearch

#Install MongoDB

sudo apt install mongodb-server -y
sudo systemctl start mongodb
sudo systemctl enable mongodb

#Install Graylog

wget https://packages.graylog2.org/repo/pa...
sudo dpkg -i graylog-4.3-repository_latest.deb
sudo apt-get update
sudo apt-get install graylog-server -y

pwgen -N 1 -s 96
echo -n Strong@123Password | sha256sum
sudo nano /etc/graylog/server/server.conf
Update password_secret with the 96-character random string you generated earlier.
Update root_password_sha2 with the 64-character hash of your admin password.
Update http_bind_address as shown, so that the web interface listens on all network interfaces:
http_bind_address = 0.0.0.0:9000
sudo systemctl daemon-reload
sudo systemctl restart graylog-server
sudo systemctl enable graylog-server
sudo systemctl status graylog-server
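
The password_secret and root_password_sha2 steps above can also be scripted so that the admin password is prompted for instead of typed on the command line, where it would be saved in shell history. This is an added example, not part of the original video description; the function names are made up for illustration, and GNU sed and coreutils are assumed.

```shell
#!/bin/sh
# Added example: fill in password_secret and root_password_sha2 in a Graylog
# server.conf. Function names are illustrative, not part of Graylog.

# Replace "key = ..." in a config file, or append the line if it is absent.
# Values must not contain "|" or "&" (true for the two values written here).
set_conf() {
    if grep -qE "^[[:space:]]*$2[[:space:]]*=" "$1"; then
        sed -i -E "s|^[[:space:]]*$2[[:space:]]*=.*|$2 = $3|" "$1"
    else
        printf '%s = %s\n' "$2" "$3" >> "$1"
    fi
}

# 96 random alphanumeric characters, the same shape as `pwgen -N 1 -s 96`.
gen_secret() {
    head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | cut -c1-96
}

# SHA-256 hex digest of one line read from stdin. The newline is not hashed,
# which matches `echo -n PASSWORD | sha256sum`. Fails on an empty password.
hash_password() {
    IFS= read -r pw_line || true
    [ -n "$pw_line" ] || return 1
    printf '%s' "$pw_line" | sha256sum | cut -d' ' -f1
}

# Read the admin password (echo disabled on a terminal, or one piped line),
# then write both settings into the config file given as $1.
configure_graylog() {
    conf=$1
    [ -t 0 ] && { printf 'Graylog admin password: ' >&2; stty -echo; }
    hash=$(hash_password) && rc=0 || rc=$?
    [ -t 0 ] && { stty echo; printf '\n' >&2; }
    [ "$rc" -eq 0 ] || return 1
    set_conf "$conf" password_secret "$(gen_secret)"
    set_conf "$conf" root_password_sha2 "$hash"
}

# Usage, as root: configure_graylog /etc/graylog/server/server.conf
```

Source the file and run configure_graylog before the restart commands above; http_bind_address is left untouched and is still edited by hand.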


http://IP:9000