Graylog is an open-source log management and analysis tool that can be used to collect, index, and analyze log data from different sources. In this tutorial, we will show you how to install Graylog on Fedora CoreOS.
Graylog can be installed using Docker. Therefore, the first step is to install Docker on the server. It can be done by running the following command:
sudo dnf install docker
After Docker has been installed, start the Docker service and enable it to start at boot time:
sudo systemctl start docker
sudo systemctl enable docker
Docker Compose is a tool used to define and run multi-container Docker applications. We will need to install it to run Graylog.
Run the following command to install Docker Compose:
sudo dnf install -y python3-pip libffi-devel openssl-devel gcc redhat-rpm-config
sudo pip3 install docker-compose
To install Graylog, you will need to create a Docker Compose file called docker-compose.yml. You can do this by running the following command:
sudo nano docker-compose.yml
Paste the following code into the docker-compose.yml file:
version: '3'
networks:
graylog:
services:
mongodb:
image: mongo:4.2
networks:
- graylog
volumes:
- mongo_data:/data/db
restart: always
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
networks:
- graylog
environment:
- http.host=0.0.0.0
- transport.host=localhost
- network.host=0.0.0.0
- "ES_JAVA_OPTS=-Xmx512m -Xms512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- es_data:/usr/share/elasticsearch/data
- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
restart: always
graylog:
image: graylog/graylog:4.0
networks:
- graylog
environment:
- GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9000/
- GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:9000
- GRAYLOG_HTTP_PUBLISH_URI=http://YOUR_PUBLIC_IP:9000/
- GRAYLOG_ROOT_TIMEZONE=UTC
- GRAYLOG_PASSWORD_SECRET=somepasswordpepper
- GRAYLOG_ROOT_PASSWORD_SHA2=yourpasswordhash
- GRAYLOG_ELASTICSEARCH_HOSTS=http://elasticsearch:9200
- GRAYLOG_MONGODB_URI=mongodb://mongodb:27017/graylog
ports:
- 9000:9000
- 1514:1514
- 1514:1514/udp
restart: always
volumes:
mongo_data:
driver: local
es_data:
driver: local
Note: Make sure to replace YOUR_PUBLIC_IP with your server's public IP.
Save and close the file when you are done.
Finally, start the Graylog services using the following command:
sudo docker-compose up -d
Open your web browser and enter the following URL to access the Graylog web interface:
http://YOUR_PUBLIC_IP:9000
Note: Replace YOUR_PUBLIC_IP with your server's public IP.
You should now see the Graylog login screen. Use the credentials you provided in the docker-compose.yml file to log in.
Now you know how to install Graylog on a Fedora CoreOS server using Docker Compose. You can use Graylog to manage and analyze log data in your infrastructure.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
Alternatively, for the best virtual desktop, try Shells!
