How to Install Graylog on the Latest Kali Linux

Graylog is a popular open-source log management and analysis tool that enables organizations to collect, process, and analyze large amounts of log data. In this tutorial, we will guide you through the process of installing Graylog on the latest version of Kali Linux.

Before you begin

Before starting with the installation process, make sure you have the following prerequisites:

Step 1: Install Elasticsearch

Elasticsearch is a distributed database that is used by Graylog to store and index log data.

  1. Open a terminal window and run the following command to import the Elasticsearch package signing key:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
  1. Then, add the Elasticsearch repository to Kali Linux by running the following command:
echo "deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
  1. Update the repository cache by running:
sudo apt-get update
  1. Install Elasticsearch by running:
sudo apt-get install elasticsearch-oss
  1. After installation is done, start and enable Elasticsearch service using the following command:
sudo systemctl enable --now elasticsearch.service
  1. Verify that Elasticsearch is running by visiting http://localhost:9200 in your web browser.

Step 2: Install MongoDB

MongoDB is a NoSQL document-oriented database used by Graylog to store configuration and metadata.

  1. Open a terminal window and add the MongoDB repository to your system by running:
echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/4.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list
  1. Then, import the MongoDB GPG key by running:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4
  1. Update the repository cache by running:
sudo apt-get update
  1. Install MongoDB by running:
sudo apt-get install -y mongodb-org
  1. Start and enable the MongoDB service with the following command:
sudo systemctl enable --now mongod.service
  1. Verify that MongoDB is running by running:
mongo --eval 'db.version()'

Step 3: Install Graylog Server

Now that we have installed Elasticsearch and MongoDB, we are ready to install Graylog itself.

  1. Open a terminal window and add the Graylog repository to your system by running:
wget https://packages.graylog2.org/repo/packages/graylog-4.2-repository_latest.deb
sudo dpkg -i graylog-4.2-repository_latest.deb
  1. Update the repository cache by running:
sudo apt-get update
  1. Install the Graylog server by running:
sudo apt-get install graylog-server
  1. After installation is finished, open the Graylog server configuration file by running:
sudo nano /etc/graylog/server/server.conf
  1. Locate the http_bind_address line in the configuration file (Graylog 3.0 and later use it in place of rest_listen_uri and web_listen_uri), uncomment it if necessary, and replace the IP with the IP address of your Kali Linux system:
http_bind_address = 192.168.0.10:9000
  1. Save and close the configuration file.
  1. Start and enable the Graylog server service by running:
sudo systemctl enable --now graylog-server.service
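
Graylog's server.conf also ships with password_secret and root_password_sha2 empty, and the server refuses to start until both are set; root_password_sha2 is the SHA-256 of the admin password used in Step 4. The script below is an added example, not part of the original tutorial, showing one way to generate and write both values before starting the service (or restart it afterwards). The function names, the sample config lines and the passphrase are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original tutorial: fill in the two secrets that
# Graylog's server.conf ships empty. Assumes GNU coreutils, grep and sed.

# SHA-256 hex digest of the admin password, the form root_password_sha2 takes.
hash_password() {
    printf '%s' "$1" | sha256sum | cut -d' ' -f1
}

# 96 hex characters from the kernel CSPRNG, for password_secret.
gen_secret() {
    head -c 48 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Set "key = value" in file $1: rewrite the existing line, else append one.
set_conf() {
    if grep -qE "^$2[[:space:]]*=" "$1"; then
        sed -i -E "s|^$2[[:space:]]*=.*|$2 = $3|" "$1"
    else
        printf '%s = %s\n' "$2" "$3" >> "$1"
    fi
}

# Succeed only if both settings are present and well-formed. The 64-character
# minimum for the secret is this example's own threshold.
check_conf() {
    grep -qE '^password_secret[[:space:]]*=[[:space:]]*[^[:space:]]{64,}$' "$1" &&
    grep -qE '^root_password_sha2[[:space:]]*=[[:space:]]*[0-9a-f]{64}$' "$1"
}

# Write both settings into config file $1 for admin password $2, then verify.
apply_secrets() {
    set_conf "$1" password_secret "$(gen_secret)" &&
    set_conf "$1" root_password_sha2 "$(hash_password "$2")" &&
    check_conf "$1"
}

# Constructed sample: the relevant lines as a fresh package install leaves them.
sample_conf() {
    printf '%s\n' 'is_master = true' 'password_secret =' 'root_password_sha2 ='
}

# Demo on a scratch file. On a real host, run apply_secrets as root against
# /etc/graylog/server/server.conf with a password read from a prompt.
tmp=$(mktemp) && sample_conf > "$tmp"
check_conf "$tmp" || echo "before: secrets missing"
apply_secrets "$tmp" 'constructed-Passphrase-42' && echo "after: secrets set"
rm -f "$tmp"
```

Keep server.conf readable only by root and the graylog service account, since password_secret is used to protect stored user passwords.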

Step 4: Access Graylog

At this point, Graylog is up and running and we can access the web interface.

  1. Open a web browser and navigate to http://<your-server-ip>:9000.
  1. Log in with the default credentials:
  1. Change the default password and configure the necessary settings to start collecting and visualizing logs.

That's it! You've successfully installed Graylog on the latest version of Kali Linux.
