graylog 5.0 发布了
graylog 5.0 最近ga 发布了,包含了不少新特性(ui 变化,新参考文档)
参考运行
- docker-compose 文件
version: '3'
services:
mongo:
image: mongo:5.0.13
ports:
- 27017:27017
networks:
- graylog
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
environment:
- http.host=0.0.0.0
- transport.host=localhost
- network.host=0.0.0.0
- "ES_JAVA_OPTS=-Dlog4j2.formatMsgNoLookups=true -Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
networks:
- graylog
graylog:
image: graylog/graylog:5.0
environment:
# CHANGE ME (must be at least 16 characters)!
- GRAYLOG_PASSWORD_SECRET=somepasswordpepper
# Password: admin
- GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
- GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9000/
entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh
networks:
- graylog
depends_on:
- mongo
- elasticsearch
ports:
# Graylog web interface and REST API
- 9000:9000
# Syslog TCP
- 1514:1514
# Syslog UDP
- 1514:1514/udp
# GELF TCP
- 12201:12201
# GELF UDP
- 12201:12201/udp
networks:
graylog:
driver: bridge
- 效果
ui 是比以前颜色调整了
说明
目前5.0 已经废弃es 6 的支持,同时基于mongo支持5以及6了,但是最小版本是5,对于opensearch 支持2.0了,同时jdk 也调整为支持17了,注意如果升级需要注意依赖的版本问题,同时新版本变动的一些issue 也是值得看看的,可以了解一些配置变动,以及bug修复
参考资料
https://www.graylog.org/releases
https://go2docs.graylog.org/5-0/what_is_graylog/what_is_graylog.htm
https://www.graylog.org/post/graylog-5-0-a-new-day-for-it-secops/
https://opensearch.org/docs/latest/
https://go2docs.graylog.org/5-0/changelogs/changelog.html?tocpath=Changelogs%7C_____1