Graylog is an industry-leading open-source log management solution for collecting, storing, indexing, and analyzing real-time data from applications and a myriad of devices in IT infrastructures such as servers, routers, and firewalls.

Graylog helps you gain more insights into the data collected by combining multiple searches for detailed analysis and reporting. It also detects threats and possible nefarious activity by conducting a deep analysis of the logs from remote sources.

- The Graylog Server – This is the main server and is used for processing logs.
- The Graylog web interface – This is a browser application that gives a glance at the data and logs collected from multiple endpoints.
- MongoDB – A NoSQL database server for storing configuration data.
- ElasticSearch – This is a free and open-source search and analytics engine that parses and indexes raw data from various sources.

Graylog's architecture accepts any type of structured data including network traffic and logs from the following:

- AWS – AWS logs, CloudTrail, & FlowLogs.

Some of the giant tech companies that implement Graylog in their tech stacks include Fiverr, CircleCI, CraftBase, and BitPanda.

In this guide, we will show you how to install the Graylog log management tool on RHEL 8 and RHEL-based distros like AlmaLinux, CentOS Stream, and Rocky Linux.

Step 1: Install EPEL Repo and Prerequisite Packages

To start off, you need some essential packages which will be helpful as you move along with this guide. First, install the EPEL repository, which provides a rich set of software packages for RHEL and RHEL-based distributions.

Next, install the following packages, which will be required along the way.

$ sudo dnf install -y pwgen wget curl perl-Digest-SHA

One of the prerequisites for installing Graylog is Java 8 or a later version. Here, we are going to install the latest LTS release of Java, which is Java 11, provided by OpenJDK 11.

Therefore, run the following command to install OpenJDK.

$ sudo dnf install java-11-openjdk java-11-openjdk-devel -y

This installs Java and a host of other dependencies. Once the installation is complete, verify the version installed.

$ java -version

Step 3: Install Elasticsearch in RHEL

Elasticsearch is a free and open-source search and analytics engine that handles a wide variety of data including structured, unstructured, numerical, geospatial, and textual data. It is a key component of the Elastic stack, also known as ELK (Elasticsearch, Logstash, and Kibana), and is widely used for its simple REST APIs, scalability and speed.

Graylog requires Elasticsearch 6.x or 7.x. We will install Elasticsearch 7.x, which is the latest release at the time of publishing this guide.

Create the Elasticsearch repository file.

Next, paste the following lines of code to the file.

Name=Elasticsearch repository for 7.x packages

Next, install Elasticsearch using the DNF package manager as shown.

$ sudo dnf install elasticsearch-oss

For Elasticsearch to work with Graylog, a few changes are required.

$ sudo vim /etc/elasticsearch/elasticsearch.yml

Update the cluster name to Graylog as shown.

Then reload the systemd manager configuration.

Next, enable and start the Elasticsearch service by running the following commands.

$ sudo systemctl start rvice

Elasticsearch listens on port 9200 by default in order to process HTTP requests. You can confirm this by sending a curl request as shown.

$ curl -X GET

Step 4: Install MongoDB in RHEL

Graylog uses a MongoDB database server to store configuration data. We will install MongoDB 4.4, but first, create a configuration file for MongoDB.

Once installed, start and enable MongoDB to start on system startup.

To check the MongoDB version, run the command:

$ mongo --version

Step 5: Install the Graylog Server in RHEL

With all the prerequisite components installed, now install Graylog by running the following commands.

You can verify the installation of Graylog as shown:

$ rpm -qi graylog-server

Now, start and enable the Graylog server to start on boot time.

Step 6: Configure the Graylog Server in RHEL

For Graylog to function as expected, some additional steps are required. You need to define the following parameters in the configuration file:

root_password_sha2

We will define these variables in the /etc/graylog/server/nf file which is the default configuration file.

The root_password_sha2 parameter is the password hash for the root user. To generate it run the following command.

Take note of this password and save it somewhere.
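For the root_password_sha2 parameter described in Step 6, the following is an added example (not from the original guide) that hashes a password read from standard input, so it never appears in the process list, and checks that a configuration file holds a well-formed value. The function names are hypothetical, the configuration file path is passed as an argument, and the sample password is constructed.

```sh
#!/bin/sh
# Added example: derive and sanity-check a root_password_sha2 value.

# Hex SHA-256 of stdin. Uses sha256sum (coreutils) or, if it is absent,
# shasum from the perl-Digest-SHA package installed in Step 1.
sha256_hex() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum; else shasum -a 256; fi |
        cut -d' ' -f1
}

# Read ONE password line from stdin and print its SHA-256 hash.
# The trailing newline is dropped before hashing: "secret\n" and "secret"
# hash differently, and a hash of the former never matches at login.
hash_root_password() (
    pw=
    IFS= read -r pw || true          # EOF without newline still fills pw
    if [ -z "$pw" ]; then
        echo "refusing to hash an empty password" >&2
        exit 1
    fi
    printf '%s' "$pw" | sha256_hex
)

# Succeed only if the file ($1) sets root_password_sha2 to exactly
# 64 lowercase hex characters (rejects blanks and plaintext passwords).
check_root_password_sha2() (
    value=$(sed -n 's/^root_password_sha2[[:space:]]*=[[:space:]]*//p' "$1")
    printf '%s\n' "$value" | grep -Eqx '[0-9a-f]{64}'
)

# Interactive use, with terminal echo off while typing:
#   stty -echo; hash_root_password; stty echo

# Constructed demo: hash a sample password and validate a sample config.
demo_conf=$(mktemp)
demo_hash=$(printf 'constructed-sample-pw\n' | hash_root_password)
printf 'root_password_sha2 = %s\n' "$demo_hash" > "$demo_conf"
check_root_password_sha2 "$demo_conf" && echo "root_password_sha2 is well-formed"
rm -f "$demo_conf"
```
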