新版graylog2安装过程

Graylog是一个开源的 log 收容器,背后的储存是搭配 mongodb,而搜寻引擎则由 elasticsearch 提供。以前版本主要有两个部分集合而成 server web interface,网上搜到的教程也大都如此,而且安装过程似乎都很复杂似的,新版的graylog已经将二部分合二为一了,安装过程非常简单,而且方便集群的部署和维护。以下是安装过程,系统是centos

   

#yum -y install java-1.8.0-openjdk-headless.x86_64

   

=============disable selinux and firewall=============

   

#systemctl stop firewalld.service

#systemctl disable firewalld.service

   

# sestatus

SELinux status: enabled

SELinuxfs mount: /sys/fs/selinux

SELinux root directory: /etc/selinux

Loaded policy name: targeted

Current mode: enforcing

Mode from config file: disabled

Policy MLS status: enabled

Policy deny_unknown status: allowed

Max kernel policy version: 28

   

   

#setenforce 0

#vim /etc/sysconfig/selinux

SELINUX=disable

   

   

========================================= install MongoDB===================

# vi /etc/yum.repos.d/mongodb-org-3.2.repo

[mongodb-org-3.2]

name=MongoDB Repository

baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/

gpgcheck=1

enabled=1

gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc

   

   

# yum -y install mongodb-org

#sudo chkconfig --add mongod

#sudo systemctl daemon-reload

#sudo systemctl enable mongod.service

#sudo systemctl start mongod.service

   

===================================Install Elasticsearch ===========================================

   

# rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

   

# vi /etc/yum.repos.d/elasticsearch.repo

[elasticsearch-2.x]

name=Elasticsearch repository for 2.x packages

baseurl=https://packages.elastic.co/elasticsearch/2.x/centos

gpgcheck=1

gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch

enabled=1

   

# yum -y install elasticsearch

   

   

# vi /etc/elasticsearch/elasticsearch.yml

cluster.name: graylog2

   

#chkconfig --add elasticsearch

#systemctl daemon-reload

#systemctl enable elasticsearch.service

#systemctl restart elasticsearch.service

   

# curl -X GET http://localhost:9200

   

{

"status" : 200,

"name" : "Silver Fox",

"cluster_name" : "graylog2"

},

"tagline" : "You Know, for Search"

}

   

========================================== install graylog2 =============================

#rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.0-repository_latest.rpm

#yum install graylog-server

   

# vi /etc/graylog/server/server.conf

password_secret = 0b4e7a0e5fe84ad35fb5f95b9ceeac790b4e7a0e5fe84ad35fb5f95b9ceeac79 //123456

root_password_sha2 =ed02457b5c41d964dbd2f2a609d63fe1bb7528dbe55e1abf5b52c249cd735797 //aaaaaa

   

web_listen_uri = http://0.0.0.0:9000/

rest_listen_uri = http://0.0.0.0:12900/

rest_transport_uri = http://192.168.1.135:12900/

elasticsearch_shards = 1

elasticsearch_replicas = 0

mongodb_useauth = false

#sudo chkconfig --add graylog-server

#systemctl daemon-reload

#systemctl enable graylog-server.service

#systemctl start graylog-server.service

   

   

========================================test==================================================

[root@graylog test]# netstat -nltp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 2246/mongod

tcp 0 0 0.0.0.0:28010 0.0.0.0:* LISTEN 7595/./mongod

tcp 0 0 0.0.0.0:28011 0.0.0.0:* LISTEN 9352/./mongod

tcp 0 0 0.0.0.0:28012 0.0.0.0:* LISTEN 9443/./mongod

tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 2348/dnsmasq

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 993/sshd

tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 982/cupsd

tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2192/master

tcp6 0 0 :::9000 :::* LISTEN 1010/java

tcp6 0 0 :::1514 :::* LISTEN 1010/java

tcp6 0 0 :::12202 :::* LISTEN 1010/java

tcp6 0 0 :::22222 :::* LISTEN 1010/java

tcp6 0 0 127.0.0.1:9200 :::* LISTEN 1013/java

tcp6 0 0 ::1:9200 :::* LISTEN 1013/java

tcp6 0 0 127.0.0.1:9300 :::* LISTEN 1013/java

tcp6 0 0 ::1:9300 :::* LISTEN 1013/java

tcp6 0 0 :::22 :::* LISTEN 993/sshd

tcp6 0 0 ::1:631 :::* LISTEN 982/cupsd

tcp6 0 0 ::1:25 :::* LISTEN 2192/master

tcp6 0 0 :::12900 :::* LISTEN 1010/java

tcp6 0 0 127.0.0.1:9350 :::* LISTEN 1010/java

tcp6 0 0 ::1:9350 :::* LISTEN 1010/java

tcp6 0 0 :::11111 :::* LISTEN 1010/java

[root@graylog test]#

   

posted on 2016-08-08 16:12  iamqiu  阅读(5830)  评论(0编辑  收藏  举报

导航